AT&T Confirms Data Breach on 73 Million Customers

AT&T, one of the world’s largest telecommunications companies, confirmed over the weekend that the data of 73 million customers had been compromised in a data breach. This breach, which some media outlets suggest was initially reported back in 2021, included sensitive information such as social security numbers.

In a statement on its website, AT&T disclosed that a data set released on the dark web about two weeks ago contained customer data. The company is currently unsure whether the breach occurred within its own systems or those of one of its vendors. The compromised data included social security numbers, email addresses, phone numbers, dates of birth, AT&T account numbers, and AT&T passcodes.

The majority of the affected individuals, 65.4 million, were former AT&T customers. For the 7.6 million current customers affected, AT&T has taken the step of automatically resetting their passcodes. These passcodes, four-digit codes used in addition to passwords for added security, are required during certain operations such as calling customer service. AT&T has contacted the customers whose passcodes have been reset.

AT&T further clarified that the data set seemed to contain information from 2019 or earlier. The company has pledged to take measures to assist those potentially affected, including offering complimentary identity theft and credit monitoring services.

Despite the breach, AT&T maintains that it currently has no evidence of unauthorized access to its systems resulting in the exfiltration of the data set. The company is proactively communicating with those impacted and will be offering credit monitoring at its expense where applicable.

AT&T will be reaching out to current and former customers whose information was included in the data breach. The company has advised customers concerned about account security to monitor their account activity and credit reports.

Interestingly, the data set involved in the breach may have been on the dark web for some time, according to Bleeping Computer. In 2021, a hacker known as Shiny Hunters claimed to be selling the stolen data of 73 million AT&T customers, which included names, addresses, phone numbers, and birth dates, among others. Shiny Hunters attempted to sell the data for $200,000 and incremental offers of $30,000. AT&T denied that its system had been breached in response to Bleeping Computer in 2021.

In mid-March, the hacker MajorNelson uploaded the data set obtained by Shiny Hunters once more. Bleeping Computer and other cybersecurity researchers have purportedly confirmed that at least some of the customer data included in the breach is accurate.

Unlike the breach in 2021, which the original hacker Shiny Hunters attempted to sell, MajorNelson appears to have leaked the data online for free. In a screenshot shared by @DarkWebInformer, the hacker includes the archive password for the data and says “Enjoy,” along with a smiling face emoji.

🚨BREAKING🚨Allegedly, a threat actor has exposed data from AT&T @ATT. They claim the data shows SSN, DOB, Full Names, Phone, Addresses, Emails, and other info. The amount of records are 73,481,539. #ATT #Clearnet #DarkWebInformer #Cyberattack #Cybercrime #Infosec #CTI pic.twitter.com/6Q3KPPkpFK

— Dark Web Informer (@DarkWebInformer) March 17, 2024