AT&T Investigates Data Leak Exposing Personal Info of 73 Million Customers

AT&T is currently looking into a data leak that has exposed the personal information of 73 million of its current and former customers. The telecommunications company announced in a news release on Saturday that the data, which includes details like Social Security numbers, was made available on the dark web about two weeks ago.

AT&T stated that it is unclear whether the data came from the company or one of its vendors. They also mentioned that there is no proof of unauthorized access leading to the data being taken from their systems.

The leaked data seems to be from 2019 or before. AT&T assured that the information does not include financial details or specifics about call records. The company revealed that around 7.6 million current account holders and 65.4 million former account holders were impacted by the leak.

AT&T is contacting customers to reset their account passcodes and reminding them to stay vigilant about any account or credit report changes. They are also offering credit monitoring at no cost if needed.

The company was made aware of a possible leak around two weeks ago after X account vx-underground first reported it on March 17.

At the time, AT&T reassured CNN that their systems were not compromised. In 2021, they concluded that the information shared on the online forum did not originate from their systems. AT&T is currently investigating to verify if the data being discussed is the same dataset that has been circulated multiple times on the forum.

Editor's P/S:

The massive data leak at AT&T is deeply concerning, exposing the personal information of millions of individuals. The lack of clarity regarding the source of the breach raises questions about the company's cybersecurity measures and the potential involvement of third-party vendors. While it is reassuring that financial details and call records were not compromised, the loss of sensitive information such as Social Security numbers could lead to identity theft and other fraudulent activities.

AT&T's response to the leak appears to be reactive rather than proactive. The company's initial denial of a breach, followed by subsequent investigations, suggests a lack of preparedness and timely action. Offering credit monitoring and password resets is a necessary step, but it may not fully mitigate the potential damage. The company needs to conduct a thorough investigation to determine the extent of the leak, identify the responsible parties, and implement robust measures to prevent similar incidents in the future. and for individuals to be aware of the risks and take appropriate precautions to protect their privacy.