The Dallas-headquartered communications giant says that hackers used a number of automated programs to try to text string-link mobile numbers and account login credentials, which they then hoped to use to access customer accounts via the main AT&T web portal.
AT&T says it sent an advisory email to the customers whose accounts the hackers attempted to gain access to using the scripted attacks.
"We recently detected an organized and systematic attempt to obtain information on a number of AT&T customer accounts, including yours", AT&T apparently said in its email, details of which were reported on the Bloomberg newswire.
"We do not believe that the perpetrators of this attack obtained access to your online account or any of the information contained in that account."
The CNet newswire, meanwhile, quoted an AT&T spokesperson as saying the company “recently detected what could have been an organized attempt to obtain information on a number of customer accounts".
"The people in question appear to have used autoscript technology to determine whether AT&T telephone numbers were linked to online AT&T accounts", the spokesperson told the newswire in a prepared statement.
"Our investigation is ongoing to determine the source or intent of the attempt to gather this information", said the statement. "In the meantime, out of an abundance of caution, we are advising the account holders involved."
Infosecurity notes that this isn’t the first time that AT&T’s mobile customers have been attacked – last year the email and allied details of around 114,000 early-adopter iPad customers of the telecoms giant were revealed after a flaw in the AT&T website was exploited.
Reports of the time said that hackers were able to retrieve email addresses and other data of iPad 3G subscribers because of a flaw in the site that automatically filled in the email address based on the integrated circuit card identifier (ICC-ID) in the iPad's SIM card.
Infosecurity understands that the hackers created a script – 'iPad 3G Account Slurper’ – that sent HTTP requests to the AT&T site with random ICC-IDs and then logged the resultant e-mail addresses.
Although AT&T is not saying anything about the hacker methodology during this latest attack, the two attacks may be linked, although the two men allegedly behind last year's attack were charged in January of this year.