Earlier this year, VCPost reported that AT&T suffered a major data breach, with over 73 million customer information being found on the dark web.
Tech Crunch reports that the telecommunication company has initiated contact with US state authorities and regulators following the disclosure of a significant security breach, which confirmed the authenticity of millions of customer records exposed online last month.
In compliance with legal obligations, AT&T has submitted a formal report to Maine's attorney general, notifying over 51 million individuals, including approximately 90,000 residents of Maine, about the compromise of their data. The leaked data includes customers' complete identities, including names, email addresses, mailing addresses, dates of birth, phone numbers, and Social Security numbers.
Under state data breach notification laws, companies are obligated to inform attorneys general about breaches affecting a large number of individuals. In accordance with this, AT&T is extending identity theft and credit monitoring services to affected customers.
How Severe Is The AT&T Data Breach?
The leaked data, spanning back to mid-2019 and earlier, affects more than 7.9 million current AT&T customers. Despite the breach occurring years ago, AT&T only took action recently after the entire cache of 73 million records was disclosed online. Unfortunately, this delay hindered any thorough analysis of the data, with some records being duplicates.
The leaked data contained personal information and encrypted account passcodes, granting unauthorized access to customer accounts. Upon being alerted by a security researcher, AT&T immediately urged customers to reset and change passcodes, as reported by VCPost.
Despite acknowledging the authenticity of the leaked data, including records of about 65 million former customers, AT&T has yet to pinpoint the source of the breach, leaving the investigation ongoing.
Join the Conversation