AT&T has confirmed that personal data from approximately 73 million current and former customers has been leaked on the dark web. This confirmation comes after the telecommunications giant initially denied that the leaked data originated from their systems.
AT&T suggests the breach dates back to 2019 or earlier. It includes sensitive information such as Social Security numbers, passcodes, email and mailing addresses, phone numbers, and birth dates. The dataset was discovered on the dark web, raising concerns about potential identity theft and fraud for millions of individuals.
AT&T has begun notifying affected customers and resetting the passcodes of current users as a precautionary measure. The company is also offering credit monitoring services to those whose sensitive personal information was compromised.
AT&T Data Breach
The leaked data set was first brought to light by a threat actor known as Shiny Hunters in 2021, who claimed to be selling the stolen information of 73 million AT&T customers. At that time, AT&T disputed the claims, stating that they had not suffered a breach.
However, the recent leak on a hacking forum, which is said to contain the same data stolen by Shiny Hunters, has led to AT&T’s acknowledgment of the breach.
The incident has not only raised questions about AT&T’s data security measures but also about the broader issue of data protection within the telecommunications industry. This breach is one of several that have affected major U.S. telecom providers in recent years, highlighting the lucrative target these companies present to cyber criminals.
Download Free CISO’s Guide to Avoiding the Next Breach
Are you from The Team of SOC, Network Security, or Security Manager or CSO? Download Perimeter’s Guide to how cloud-based, converged network security improves security and reduces TCO.
- Understand the importance of a zero trust strategy
- Complete Network security Checklist
- See why relying on a legacy VPN is no longer a viable security strategy
- Get suggestions on how to present the move to a cloud-based network security solution
- Explore the advantages of converged network security over legacy approaches
- Discover the tools and technologies that maximize network security
Adapt to the changing threat landscape effortlessly with Perimeter 81’s cloud-based, unified network security platform.
AT&T’s response to the breach has been to launch a robust investigation with the aid of internal and external cybersecurity experts. The company has also encouraged customers to remain vigilant by monitoring their account activity and credit reports.
The Federal Communications Commission (FCC) has updated its data breach notification rules to ensure that telecommunications companies are held accountable for protecting customer information. These rules are designed to enable customers to protect themselves in the event that their data is compromised.
As the investigation continues, AT&T customers are advised to change their passwords, set up fraud alerts, and consider freezing their credit with the three major credit bureaus to protect against identity theft and other malicious activities.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.