Now on Demand: Threat Detection and Incident Response (TDIR) Summit - All Sessions Available
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

AT&T Data Breach Update: 51 Million Customers Impacted

The recent AT&T data breach impacts 51 million customers, the company tells Maine’s attorney general.

AT&T Data Breach

AT&T has told the office of the attorney general in Maine that the recently disclosed data breach impacts more than 51 million individuals, still a large number, but less than the initially reported 73 million.

Reports of AT&T data circulating on the dark web emerged in mid-March, but it took the telecoms giant roughly two weeks to confirm that the information indeed belongs to customers. 

During the Easter holiday weekend, AT&T said the leaked data appeared to belong to roughly 7.6 million current customers and approximately 65.4 million former customers, pointing out that the data appeared to be from 2019 or earlier. 

The company at the time only specifically named social security numbers as being compromised. 

However, in letters it’s now sending out to impacted individuals, AT&T says the compromised information includes full name, email and mailing address, phone number, date of birth, social security number, and AT&T account number and passcode. 

“To the best of our knowledge, personal financial information and call history were not included,” the company is telling impacted individuals.

AT&T told the Maine AG that the incident has impacted more than 51 million individuals, which suggests the company may have eliminated duplicate or inaccurate records from the leaked database.

It’s believed that the data has been circulating online since 2021, but its origin remains unknown. AT&T has denied that it came from its own systems.

Advertisement. Scroll to continue reading.

Affected customers are being offered one year of free credit monitoring and identity theft protection services.

In March 2023, AT&T notified 9 million wireless customers that their customer proprietary network information (CPNI) was compromised in a data breach at a third-party vendor.

Related: AT&T Says the Outage to Its US Cellphone Network Was Not Caused by a Cyberattack

Related: 530k Impacted by Data Breach at Wisconsin Healthcare Organization

Related: DOJ-Collected Information Exposed in Data Breach Affecting 340,000 

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Wendy Zheng named as CFO and Joe Diamond as CMO at cyber asset management firm Axonius.

Intelligent document processing company ABBYY has hired Clayton C. Peddy as CISO.

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

More People On The Move

Expert Insights