A recent discovery has revealed that sensitive information belonging to millions of current and former AT&T customers has been leaked online, the telecommunications giant announced over the weekend. The dataset, found on the “dark web,” contains details such as Social Security numbers and passcodes for approximately 7.6 million current account holders and 65.4 million former account holders. While it remains unclear whether the data originated from AT&T or one of its vendors, the company has initiated an investigation into the matter and started notifying affected customers.
The AT&T Breach Details
The compromised information, which dates back to 2019 or earlier, includes a range of personal data such as full names, email addresses, mailing addresses, phone numbers, dates of birth, and AT&T account numbers. Additionally, numerical PINs, rather than passwords, were among the leaked data, typically four digits long. Fortunately, financial information and call history do not appear to have been included in the breach.
Affected customers can expect to receive emails or letters directly from AT&T regarding the incident, with notifications already underway since Saturday. Passcodes for current users have been reset by the company, and AT&T has committed to covering the costs of credit monitoring services where applicable. Moreover, a comprehensive investigation, involving both internal and external cybersecurity experts, has been launched to delve further into the breach.
While AT&T has acknowledged the breach, similarities to a previous incident in 2021 that went unacknowledged have raised concerns among cybersecurity experts. Failure to promptly notify impacted customers could potentially result in class action lawsuits against the company. In light of such breaches, consumers are advised to bolster their online security by using strong, unique passwords and enabling multifactor authentication where possible. Additionally, remaining vigilant against phishing attempts and leveraging free credit freezes and fraud alerts offered by credit bureaus can further safeguard against identity theft and malicious activity.
