AT&T has confirmed that sensitive data of approximately 7.6 million of its current customers and 65.4 million former customers has been leaked on the dark web. According to an update on the company’s support page, AT&T has taken immediate action to reset the passcodes of all active accounts affected by the data breach.
This incident, first reported by TechCrunch, involves a data set reportedly dating back to 2019 or earlier, which contains customer information including names, home addresses, phone numbers, dates of birth, and even Social Security numbers.
AT&T was alerted by TechCrunch to the potential misuse of the leaked data to access customer accounts, following the discovery by a security researcher that the leaked records included encrypted passcodes that were easily decipherable. In response, AT&T announced that it has instigated a comprehensive investigation, backed by internal and external cybersecurity expertise.
Interestingly, this event follows a claim in 2021 by a hacker, known as ShinyHunters, who alleged to have obtained account data of 73 million AT&T customers. AT&T refuted this claim at the time, stating that the sample information shared online by the hacker did not appear to originate from their systems.
Currently, AT&T states that the origin of the data from the recent leak, whether from its own databases or from one of its vendors, is still unknown. As yet, it has found no evidence to suggest unauthorized access to its systems leading to data extraction.
As part of its remedial measures, AT&T will be contacting both the current and former account holders impacted by this leak. The company has offered to provide credit monitoring services to the affected customers where relevant.