AT&T Confirms Data Leak on Dark Web

Posted on March 30, 2024

A large data set the appeared to be AT&T customer data was found on the dark web a couple weeks ago. AT&T has now confirmed that this data was its customer data. They think it was from 2019 or earlier.

AT&T says in a statement that exported data set impacts about 7.6 million current AT&T account holders and approximately 65.4 million former account holders.

AT&T also says it found no evidence of unauthorized access to its system that resulted in the data being exfiltrated. AT&T says it could have come from a vendor being hacked:

While AT&T has made this determination, it is not yet known whether the data in those fields originated from AT&T or one of its vendors. With respect to the balance of the data set, which includes personal information such as social security numbers, the source of the data is still being assessed.

The concern, as always, is that hackers can use this data to try and phish customers into giving up more signification data, like passwords. If you have been an AT&T customer you should make you use a strong password and 2-factor authentication.

Bleeping Computer notes that AT&T has been in denial over this being its data for the past couple weeks. They also note that AT&T has reset passcodes for the current AT&T account holders with compromised data.





More from HowToWeb