AT&T has admitted to a data breach impacting 73 million customers, contradicting previous denials. The leaked data includes sensitive information such as names, addresses, phone numbers, and for some, social security numbers and birth dates. While AT&T maintains there is no evidence of a system breach, security passcodes for 7.6 million customers were compromised. This follows a 2021 denial when Shiny Hunters claimed to have the data. In 2024, another threat actor leaked the same dataset, confirmed by BleepingComputer, though not all customers had sensitive information exposed.

Considering this breach, users should remain vigilant about potential security risks and heightened phishing attempts. With personal information exposed, there may be an increase in spam emails, text messages, and physical mail targeting affected customers. You may receive impersonation calls from support claiming to be from “AT&T” These reps may reference the recent security breach and they want to assist you in securing your account. Users must scrutinize communications, verify the sender’s identity, and refrain from clicking on suspicious links or providing personal information via phone or email. We highly recommend, implementing stronger security measures such as two-factor authentication and regularly monitoring financial accounts can help mitigate potential risks associated with the breach.

Sources:

Article 1: by Lawrence Abrams (https://www.bleepingcomputer.com/news/security/atandt-confirms-data-for-73-million-customers-leaked-on-hacker-forum/)

Article 2: by  MATT O’BRIEN (https://apnews.com/article/att-data-breach-dark-web-passcodes-fbef4afe0c1deec9ffb470f2ec134f41)