AT&T is alerting affected customers to an "organized and systematic" attack on its website that attempted to steal their data. The nation's second-biggest carrier says in a letter to those customers that it "[does] not believe that the perpetrators of this attack obtained access to your online account or any of the information contained in that account", but decided to warn users "out of an abundance of caution".
Less than one percent of the carrier's 100.7 million customers are affected, but that still puts nearly one million at risk due to AT&T's size. Hackers employed an automated script to see if cellular numbers were linked to AT&T accounts, which the script tried to pair with logins. All attempts appear to be unsuccessful.
"No accounts were breached and our investigation is ongoing to determine the source or intent of the attempt to gather this information", AT&T spokesperson Mark Seigel says.
AT&T advises customers to remain vigilant and do not respond to suspicious text messages or e-mails seeking personal information. Seigel declined to elaborate on any possible attack vector.
This is not the first time AT&T has found itself the target of online attacks. Two men were charged in connection with a hack that exposed the email addresses of 114,000 iPad users in June 2010. One has since pled guilty, and the other has been granted additional time in order to make a plea deal with prosecutors.
Monday's hacking disclosure also follows news of another serious hack involving a small water utility in Illinois. The attack -- believed to have originated from Russia -- caused a water pump to fail by rapidly turning it on and off. While no serious damage was done to the plant, it highlights the increasing threat IT departments face as hacking attempts escalate.