Image created by AI
In a significant security incident, AT&T has confirmed that a vast amount of sensitive customer data has been compromised and published online. Approximately 7.6 million current and 65.4 million former customers are affected, with Social Security numbers and passcodes now accessible in a dataset found on the dark web.
AT&T announced the breach on Saturday, stating they were uncertain if the data was leaked directly from their systems or from a vendor. As they delve into the investigation with cybersecurity specialists, AT&T has proactively begun notifying the impacted customers and taken steps to safeguard their information.
What was leaked?
The compromised information variably includes customers' Social Security numbers, passcodes, full names, email addresses, mailing addresses, phone numbers, dates of birth, and account numbers. However, AT&T has assured there was no financial data or call history involved in the data, which dates back to 2019 or earlier.
Determining if You're Affected
Notices by AT&T commenced on Saturday, with impacted customers being alerted via email or letter. The company has reset passcodes for existing accounts and is offering credit monitoring services to those at risk.
AT&T's History with Data Breaches
This incident is not AT&T's first encounter with data insecurity. Troy Hunt, a cybersecurity researcher, emphasized similarities with a breach in 2021 which AT&T previously did not acknowledge. As facts unfold, experts warn of potential class-action lawsuits if AT&T improperly handled the situation.
Protecting Yourself from Future Incidents
Customers are advised to follow cybersecurity best practices, such as creating complex passwords and embracing multifactor authentication. Post-breach, it's advised to change any compromised passwords and stay vigilant for unusual account activity. Additionally, the Federal Trade Commission suggests utilizing credit bureaus' free credit freezes and fraud alerts as an extra protective measure against identity theft and subsequent harm.