ATT has confirmed a data breach affecting 73 million accounts [2] [3] [5] [6] [7], both current and former customers [2] [3] [5] [6] [7] [8] [10], with leaked data including sensitive personal information [2] [7] [8].


ATT has confirmed a data breach affecting 73 million accounts [2] [3] [5] [6] [7], both current and former customers [2] [3] [5] [6] [7] [8] [10], with leaked data including full names [9], contact details [8], social security numbers [1] [2] [3] [4] [5] [6] [7] [8] [9] [10], dates of birth [1] [6] [9] [10], email addresses [1] [3] [4] [9] [10], account numbers [1] [5] [9] [10], and passcodes [1] [5] [9]. Personal financial details and call history were not compromised. The breach, discovered on the dark web [9], may have occurred in ATT systems or those of a vendor [1]. Shiny Hunters and MajorNelson were involved in distributing the data [1]. The forum offering the data is easily discoverable via a Google search, with registration being free for anyone with the only barrier being obtaining credits [4]. ATT is investigating the source of the leaked data and offering credit monitoring services to affected individuals. The company has reset security passcodes for active customers and is contacting affected customers to inform them about the breach and steps being taken to help them [8]. ATT is working with cybersecurity experts and recommending customers set up fraud alerts with credit bureaus [8]. The company faces a class-action lawsuit for negligence and breach of contract [10]. Customers are advised to update their login credentials [2], freeze credit reports [10], sign up for credit monitoring [10], enable two-factor authentication [10], change passwords [10], and monitor account activity for suspicious transactions to protect against identity theft and fraud [10]. The incident has not significantly impacted ATT’s operations [2]. ATT is reaching out to impacted customers [9], resetting their passcodes [5] [9], and advising vigilance in monitoring account activity and credit reports [9]. The company’s failure to identify the source of the leak may impact customer trust and raise concerns about its internal and network security controls [9]. Cybercriminals may hoard stolen data for various motives [9], potentially waiting to monetize it or use it for future attacks [9]. The passcodes [1] [3] [4] [5] [7] [9], although encrypted [5], were reportedly accessible without cracking the encryption [5]. ATT reset passcodes for affected customers and is offering credit monitoring services [7]. Cybersecurity experts have verified the legitimacy of the leaked data [7]. The incident is not the first data breach ATT has faced [7], with a previous breach affecting 9 million customers [7]. The company disputed claims of a database connected to them in 2022 [7].


The data breach at ATT has raised concerns about customer trust and internal security controls. The company is taking steps to mitigate the impact, including offering credit monitoring services and resetting passcodes. Moving forward, customers are advised to take precautions to protect against identity theft and fraud, such as updating login credentials and enabling two-factor authentication. The incident highlights the ongoing threat of cybercrime and the importance of robust cybersecurity measures in safeguarding sensitive information.