Security Experts:

Connect with us

Hi, what are you looking for?


Data Breaches

Millions of AT&T Customers Notified of Data Breach at Third-Party Vendor

AT&T is notifying millions of wireless customers that their CPNI was compromised in a data breach at a third-party vendor.

US mobile phone carrier AT&T is notifying millions of wireless customers that their customer proprietary network information (CPNI) was compromised in a data breach at a third-party vendor.

One of the largest carriers in the US, AT&T has roughly 200 million wireless customers, but only a small percentage of the total has been impacted by the incident.

“Approximately 9 million wireless accounts had their Customer Proprietary Network Information accessed,” AT&T said in an emailed statement.

“We recently determined that an unauthorized person breached a vendor’s system and gained access to your ‘customer proprietary network information’ (CPNI),” the company told impacted customers in an email notification, copies of which were shared by users on AT&T’s community forums.

“In our industry, CPNI is information related to the telecommunications services you purchase from us, such as the number of lines on your account or the wireless plan to which you are subscribed,” AT&T continued.

The impacted vendor, AT&T told SecurityWeek, provides marketing services. No personal or financial information was impacted in the data breach.

“A vendor that we use for marketing experienced a security incident. Customer Proprietary Network Information from some wireless accounts was exposed, such as the number of lines on an account or wireless rate plan. The information did not contain credit card information, Social Security Number, account passwords or other sensitive personal information. We are notifying affected customers,” AT&T said.

The notification emails to customers also informed them that the issue was resolved and that authorities were informed of the incident.

“Our report to law enforcement does not contain specific information about your account, only that the unauthorized access occurred,” the company said.

Some users reported they were informed that the exposed data included names, email addresses, wireless phone numbers, and wireless account numbers, along with “the number of lines on the account and basic device and installment agreement information”.

In some cases, information such as monthly payment amount, past due amount, rate plan name, and monthly charges and/or minutes used was also exposed.

According to AT&T, the information was several years old. No AT&T systems were compromised in the incident, the company said.

*Updated with commentary from AT&T

Related: Hackers Claim to Have Data of 70 Million AT&T Customers

Related: Media Giant News Corp Discloses New Details of Data Breach

Related: Pepsi Bottling Ventures Discloses Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Data Breaches

A group of hackers has leaked Atlassian employee records and floorplans, information that was obtained from third-party workplace platform Envoy.


Instant Checkmate and TruthFinder have disclosed data breaches affecting a total of more than 20 million users.

Data Breaches

Health services company Independent Living Systems has disclosed a data breach that impacts more than 4 million individuals.

Data Breaches

Companies affected by the recent Mailchimp data breach have started notifying customers. The list includes WooCommerce, FanDuel, Yuga Labs and the Solana Foundation.


Acer said one of its document servers was hacked after a hacker claimed to have stolen 160 Gb of data from the company.