AT&T is informing its current and former customers about a major data leak. The company is sending customers an email and is resetting customer passcodes to prevent unauthorized parties from accessing customer accounts.
It has come to our attention that a number of AT&T passcodes have been compromised. We are reaching out to all 7.6M impacted customers and have reset their passcodes. In addition, we will be communicating with current and former account holders with compromised sensitive personal information.
Our internal teams are working with external cybersecurity experts to analyze the situation. To the best of our knowledge, the compromised data appears to be from 2019 or earlier and does not contain personal financial information or call history.
We encourage customers to remain vigilant by monitoring account activity and credit reports. You can set up free fraud alerts from nationwide credit bureaus — Equifax, Experian, and TransUnion. You can also request and review your free credit report at any time via Freecreditreport.com.
7.6 million customers and 65.4 million former customers have had their passcodes stolen and have had sensitive data leaked. AT&T claims that there was no unauthorized access to its systems resulting in the theft of the data set, with the information obtained several years ago.
A hacking group claimed back in 2021 that it had stolen the information on 70 million AT&T customers. AT&T t that time claimed there had been no breach
Back in 2021, a hacking group said that it had stolen the information of 70 million AT&T customers. AT&T at the time said that it had not suffered a breach, and the company still insists that the data did not come from its systems. Leaked includes customer names, addresses, birth dates, AT&T account numbers, phone numbers, email addresses, and social security numbers, along with passcodes.
The data was made public last month, and now that it is out in the wild, AT&T has reset customer passcodes and says that it is working in cooperation with external cybersecurity experts to further analyze the situation.
AT&T says leaked data does not include financial information or customer call history. The communications firm will be providing free identity theft and credit monitoring services for customers who had their personal information compromised.
AT&T has determined that AT&T data-specific fields were contained in a data set released on the dark web. While AT&T has made this determination, it is not yet known whether the data in those fields originated from AT&T or one of its vendors.
With respect to the balance of the data set, which includes personal information such as social security numbers, the source of the data is still being assessed. Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and 65.4 million former account holders. Currently, AT&T does not have evidence of unauthorized access to its systems resulting in theft of the data set.
If you are an impacted current or former AT&T customer, you either have or will be receiving a letter or an email from AT&T.