Millions of AT&T customers are questioning the company’s transparency, after the telecom giant finally confirmed a massive data breach impacting a staggering 73 million current and former customers.
AT&T has finally confirmed a massive data breach impacting a whopping 73 million (73,481,539) current and former customers. This comes after weeks of speculation and accusations of a cover-up following the discovery of the leaked data on the the notorious hacking and cybercrime platform BreachForums.
The data breach, which involved Social Security numbers, passcodes, and potentially other personal information, was first discovered in mid-March. Cybersecurity researchers immediately noted similarities to a possible breach from 2021 that AT&T never acknowledged.
Initial Denial and Mounting Pressure
The data was leaked on Sunday, March 17, 2024. However, AT&T initially denied any data breaches, despite reports from security researchers like Troy Hunt, founder of Have I Been Pwned. Hunt pointed out that the leaked data closely resembled a breach from 2021 that was attempted to be sold online by a hacker known as “Shiny Hunters.”
This denial raised concerns about AT&T’s transparency and potential legal ramifications. Experts pointed out that failing to disclose a data breach promptly could violate consumer protection laws.
Confirmation and Investigation
Under mounting pressure, AT&T finally confirmed the data breach on March 30th. The company stated they were unaware of the source of the breach, suggesting it could have originated from AT&T’s systems or a vendor.
They also announced that they had already reset passcodes for current users and would be reaching out to impacted individuals. Additionally, AT&T will be offering complimentary identity theft and credit monitoring services.
“Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and 65.4 million former account holders.”
AT&T
Lingering Questions
While AT&T has confirmed the breach, questions remain.
- Why did it take so long for AT&T to acknowledge the breach, especially considering the potential similarities to the 2021 incident?
- What specific data was compromised, and how will it impact affected customers?
- Is AT&T conducting a thorough investigation to identify the source of the breach and prevent future incidents?
AT&T has yet to address these questions publicly. It’s likely that the company will face lawsuits and regulatory scrutiny in the coming months.
Thanks for reaching out. A number of AT&T passcodes have been compromised. Our teams are working with external cybersecurity experts to analyze the situation and we have reset passcodes. Learn more: https://t.co/tOZWNMOBen.
— AT&T (@ATT) March 31, 2024
This data breach goes on to show the importance of cybersecurity and data protection. Consumers should remain vigilant and take steps to protect their personal information, such as monitoring credit reports and using strong, unique passwords.