On the heels of AT&T and other carriers promising (again) to stop proving location data to data aggregation companies, many customers of AT&T its MNVO Cricket have received an interesting text message. They were informed that they had consented to sharing "phone location or other subscriber, account, and device data" with third parties, without actually having consented.
I received multiple copies of the text on my Cricket number, which prompted me to look for additional reports. As it turns out, there are plenty of other AT&T and Cricket customers who received the same messages without ever consenting to data access. There's a possibility that these could be spam/phishing messages, but it asks subscribers to not reply ― a phishing spam would likely include a link for people to enter their account credentials.
I reached out to Cricket's customer support, who told me that they are investigating the messages with AT&T. We've reached out to AT&T, and we will update this post when they respond.