Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

AT&T Says Data on 73 Million Customers Leaked on Dark Web

AT&T used the Easter holiday weekend to quietly share details on data that surfaced on the dark web roughly two weeks ago.

AT&T Data Breach

AT&T on Saturday said that data on roughly 73 million current and former customers was exposed on the dark web, including social security numbers and other personal information.

According to the telecommunications giant, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders.

Dallas, Texas-based AT&T used the Easter holiday weekend to quietly share the update on data that surfaced on the dark web roughly two weeks ago.

“AT&T has determined that AT&T data-specific fields were contained in a data set released on the dark web approximately two weeks ago,” the company said in a statement. “While AT&T has made this determination, it is not yet known whether the data in those fields originated from AT&T or one of its vendors. With respect to the balance of the data set, which includes personal information such as social security numbers, the source of the data is still being assessed.”

The company said a “robust investigation” investigation is underway, supported by internal and external cybersecurity teams. 

“Currently, AT&T does not have evidence of unauthorized access to its systems resulting in exfiltration of the data set,” the statement said. “The company is communicating proactively with those impacted and will be offering credit monitoring at our expense where applicable.”

The company says the incident has not had a material impact on its operations.

In March 2023, AT&T notified roughly 9 million wireless customers that their customer proprietary network information (CPNI) was compromised in a data breach at a third-party vendor.

Advertisement. Scroll to continue reading.

Late last month the telco experienced an outage that knocked out cellphone service for many of its customers across the US, but the company said the outage was not caused by a cyberattack.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Professional services company Slalom has appointed Christopher Burger as its first CISO.

Allied Universal announced that Deanna Steele has joined the company as CIO for North America.

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

More People On The Move

Expert Insights

Related Content

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Data Breaches

Delta Dental of California says over 6.9 million individuals were impacted by a data breach caused by the MOVEit hack.

Data Breaches

Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups. 

Data Breaches

A group of hackers has leaked Atlassian employee records and floorplans, information that was obtained from third-party workplace platform Envoy.

Data Breaches

AT&T is notifying millions of wireless customers that their CPNI was compromised in a data breach at a third-party vendor.