Until the Department of Justice’s indictment against the two hackers, which was filed on Sunday, the total number of stolen AT&T customer records was unknown.

The document does not mention AT&T. Instead, it mentions “Victim-2,” describing it as “a major telecommunications company located in the United States,” which was breached around April 14. When AT&T previously confirmed it was breached, it said the company learned of the hack on April 19. This means that both the description of what kind of company Victim-2 is, and the dates of its breach, align with what AT&T had publicly disclosed, making it almost certain that Victim-2 is indeed AT&T.