AT&T Admits 73 Million Customers’ Data Breached

What Happened

AT&T has confirmed a customer data breach that has impacted 73 million of its current and former customers. The issue came to light when personal information appeared on the dark web.

Initially, there was uncertainty about whether this data stemmed from AT&T’s systems or a third-party vendor. The investigation revealed the data’s release occurred two weeks ago, and it includes Social Security numbers among other personal details.

Impact

The AT&T customer data breach is substantial, affecting approximately 73 million customers in total. It impacted 7.6 million current account holders and 65.4 million former account holders.

The breached dataset includes names, addresses, phone numbers, and Social Security numbers for many customers. Additionally, the dataset appears to contain security passcodes used by 7.6 million customers to secure their accounts.

Such exposure raises substantial privacy and security concerns for the affected individuals.

Background

The situation originated in 2021 when Shiny Hunters, a recognized threat actor, announced they were selling data from 73 million AT&T customers.

AT&T initially denied these claims, suggesting the data did not originate from their systems. Yet, a recent leak on a hacking forum, purported to contain the same data set, prompted a reevaluation of the incident’s scope and origin.

Response from AT&T

AT&T consistently denied the breach until last weekend when they finally acknowledged it. Since then, the company has outlined the steps they have taken to mitigate the impact.

They have reset the passcodes for 7.6 million customers whose security details were compromised.

In addition, AT&T is notifying all affected individuals and offering guidance on how to secure their accounts and monitor for potential fraud.

To protect themselves, consumers are advised to create strong passwords, use multifactor authentication, monitor account activity, and consider setting up free credit freezes and fraud alerts.

RECENT BLOG POSTS

PODCASTS

Cubic Lighthouse is a cybersecurity publication dedicated to demystifying security, making news actionable, providing deeper thinking about the fundamentals of security, and providing decision-makers and the community at large with the right information to make the right decisions. We will also feature more technical articles and provide personal/family security advice.

©2024 Cubic Consulting, a Smart Security Company for your Business – All Rights Reserved.