Massive Data Breach at AT&T

posted by Roy Schestowitz on Apr 02, 2024,
updated Apr 02, 2024

• Security Week ☛ AT&T Says Data on 73 Million Customers Leaked on Dark Web

  According to the telecommunications giant, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders.

  Dallas, Texas-based AT&T used the Easter holiday weekend to quietly share the update on data that surfaced on the dark web roughly two weeks ago.

• New York Times ☛ AT&T Passcodes for Millions Are Reset After Leak of Customer Records

  The company said that “information varied by customer and account,” but that it may have included a person’s full name, email address, mailing address, phone number, Social Security number, date of birth, AT&T account number and passcode.

  In addition to those 7.6 million customers, 65.4 million former account holders were also affected.

• Security Week ☛ AT&T Says Data on 73 Million Customers Leaked on Dark Web

  AT&T used the Easter holiday weekend to quietly share details on data that surfaced on the dark web roughly two weeks ago.

• More than two years after a breach, AT&T resets account passcodes after customer records leak online

  Current and former AT&T customers would have every right to feel infuriated with AT&T. In 2021, when data were first put up for sale on BreachForums by “ShinyHunters,” AT&T denied that the data came from their system or that they had had any breach. They did not rule out that it was customer data that came from a vendor’s system, but never seemed to follow up by contacting all vendors and then reporting back to the public on any findings. For their part, the threat actors never did say where or how they had obtained the data.

Update

A couple more:

• AT&T confirms data from 73M customers exposed on dark web

  Telecommunications company AT&T Inc. has confirmed that personal data relating to 73 million of its past and present customers that made its way onto the dark web recently is believed to have been from 2019 or earlier.

• AT&T’s Being Weirdly Cagey About A Major Data Breach Impacting 73 Million AT&;T Users

  AT&T is under fire after a hacker last month posted the personal information (names, addresses, phone numbers, and social security numbers) of roughly 73 million customers to the open web. Troy Hunt, security researcher and owner of data breach notification site Have I Been Pwned, notes the data first appeared a few years ago courtesy of a hacker seeking payment.