Data from 73M current, former customers leaked on dark web, AT&T confirms

Some 7.6 million current and 65.4 million former accounts are impacted, it said.

March 30, 2024, 8:19 PM

Information for some 73 million current and former AT&T customers was recently posted on the dark web in a data breach, the telecommunications company confirmed on Saturday.

"AT&T has determined that AT&T data-specific fields were contained in a data set released on the dark web approximately two weeks ago," the Dallas-based company said in a statement.

AT&T said the affected data set appears to be from 2019 or earlier and impacts approximately 7.6 million current customers and approximately 65.4 million former account holders.

The data set included personal information such as Social Security numbers, AT&T said. It is unclear if the data originated from AT&T or one of its vendors, the company said.

PHOTO: Day 1 - Mobile World Congress 2023
BARCELONA, SPAIN - FEBRUARY 27: Attendants passing by AT&T's stand are seen during day 1 of Mobile World Congress 2023 at Fira Barcelona on February 27, 2023 in Barcelona, Spain. (Photo by Joan Cros Garcia - Corbis/Getty Images)
Joan Cros Garcia - Corbis/Getty Images

"AT&T has launched a robust investigation supported by internal and external cybersecurity experts," the company said.

In a note to customers, the company said that a "number" of AT&T passcodes have been compromised and that it reset the passcodes for all impacted current customers.

"In addition, we will be communicating with current and former account holders with compromised sensitive personal information," the company said.

The compromised data does not appear to contain personal financial information or call history, AT&T said.

TechCrunch reported that it had informed AT&T on Monday that the leaked data contained encrypted passcodes that were easy to decipher.

This is not the first time the company has experienced issues this year. In February, an outage temporarily knocked out cellphone service for tens of thousands of customers in the U.S. The network disruption was caused by a software update, the company said at the time.