Source: Courtesy / AT&T
AT&T notified millions of customers of a data breach after discovering stolen personal data online. The telecommunications giant revealed on Saturday that the dataset, found on the “dark web,” includes sensitive information such as Social Security numbers belonging to approximately 7.6 million current account holders and 65.4 million former ones.
The company reset the passcodes for current users and plans to communicate directly with affected account holders regarding the breach of their personal information. The origins of the compromised data, which dates back to 2019 or earlier, remain unclear, raising concerns about its potential source.
The data does not appear to include financial details or call history, but it does include a range of personal information, such as email addresses, mailing addresses, phone numbers, and birth dates.
Cybersecurity researcher Troy Hunt noted the resemblance between this incident and a similar data breach in 2021, which AT&T did not acknowledge at the time. He warned of potential legal repercussions if AT&T fails to address the situation promptly, emphasizing the risk of class action lawsuits.
Despite these developments, AT&T has yet to provide a comment on the matter. This latest incident compounds a challenging year for the Dallas-based company, following a February outage attributed to a technical coding error rather than a deliberate attack.
