AT&T has confirmed a data breach affecting over 7.6 million current customers and 65 million former customers. The leaked information may include full names, email addresses, mailing addresses, phone numbers, social security numbers, dates of birth, AT&T account numbers, and passcodes. AT&T has taken steps to reset security passcodes for affected customers.
AT&T is proactively reaching out to impacted customers through email or letter to inform them about the leaked data and the measures being taken in response.
The company’s acknowledgment of the data breach, first reported in 2021, was prompted by a notification from TechCrunch about vulnerabilities in its encrypted passcodes. A security researcher’s analysis revealed that the passcodes were easily decipherable, raising concerns about account security.
Customers are advised to set up free fraud alerts with credit bureaus Equifax, Experian, and TransUnion. AT&T states that the leaked data does not contain personal financial information or call history, and is working with cybersecurity experts to investigate further with no evidence of unauthorized system access so far.