In March 2024, AT&T announced a significant data breach affecting approximately 73 million current and former customers. The leaked data appeared on the dark web and included personal information such as Social Security numbers, account numbers, and passcodes. The breach data set likely originated from 2019 or earlier (AT&T Newsroom).
Details of the Breach
- Affected Customers: 7.6 million current account holders and 65.4 million former account holders.
- Compromised Data: Personal identifiable information (PII) including Social Security numbers, phone numbers, addresses, and birth dates.
- Source Investigation: AT&T is investigating whether the data came from its systems or a third-party vendor.
AT&T’s Response
- Investigation: Ongoing, with internal and external cybersecurity experts involved.
- Communication: AT&T is informing affected customers and offering credit monitoring services where applicable.
- Impact: No current evidence suggests that AT&T’s systems were directly breached. The company states that the incident has not materially impacted its operations.
Recommendations for Customers
- Monitor Accounts: Regularly check bank and credit accounts for unusual activity.
- Credit Monitoring: Utilize credit monitoring services offered by AT&T.
- Change Passwords: Update passwords and security questions for all accounts.