AT&T, one of the largest telecommunications networks in the United States, has confirmed a significant security breach. The company announced on Saturday that data from about 73 million current and former customer accounts had been leaked on the dark web about two weeks ago. The leaked information includes customers' social security numbers, passcodes, contact details, and possibly email and mailing addresses, phone numbers, and birth dates.
The compromised data, which appears to be from 2019 or earlier, does not contain personal financial information or call history, according to AT&T. The company also stated that it is unclear if the breach originated from AT&T or one of its vendors.
AT&T has launched a robust investigation into the incident, supported by both internal and external cybersecurity experts. The company has already reset passcodes for all 7.6 million existing account holders whose sensitive personal information was compromised. AT&T also plans to communicate with current and former account holders who had their sensitive personal information compromised.
Reports of the breach first surfaced on a hacking forum nearly two weeks ago. It is unclear if this leak is linked to a similar breach in 2021 that was widely reported but that AT&T did not acknowledge. A hacker at the time claimed to have access to data of 70 million AT&T customers, including their names, addresses, phone numbers, social security numbers, and date of birth.
Cybersecurity expert Troy Hunt, the creator of Have I Been Pwned? – a website that alerts subscribers to data breaches – said in a blog post that at least 153,000 of his customers were affected by the breach. If AT&T made the wrong call on assessing the breach and years have passed without notifying impacted customers, it's likely the company will soon face class action lawsuits, Hunt told The Associated Press news agency.
AT&T has faced challenges earlier this year when an outage temporarily knocked out mobile phone service for thousands of users. The company blamed the incident on a technical coding error, not a malicious attack. Other networks were also affected, but AT&T appeared to be the hardest hit.