AT&T has confirmed a data breach impacting the personal information of 73 million current and former customers. The breach—which was originally leaked in 2021 but has recently been made available for anyone to access—exposed the personal data of millions of current and former AT&T customers on the dark web. It also underscores the ever-present threats in our digital world and the need for robust cybersecurity measures.
What happened?
The breach came to light when personal information, allegedly taken in 2021, including Social Security numbers and account passcodes, was found on the dark web. Initially reported on March 17 on X by the account vx-underground, the data pertains to records from 2019 or earlier and includes sensitive details like full names, addresses, and more. While AT&T has responded to the breach, the exact origin of the data—whether directly from AT&T or a third-party vendor—remains uncertain.
Who is affected?
A staggering 73 million individuals, comprising 7.6 million current and 65.4 million former AT&T account holders, may find that their data is at risk. AT&T says that the specific data leaked varies from customer to customer and account to account, but could include any combination of Social Security numbers, passcodes, full names, email addresses, mailing address, phone numbers, dates of birth, and AT&T account numbers. All of the compromised data is from 2019 or before.
AT&T's response
AT&T says they are taking several steps in reaction to the breach:
- Started directly notifying impacted customers and initiated passcode resets to bolster account security.
- Engaging external cybersecurity experts to delve into the breach's specifics.
- Will be offering complimentary identity theft and credit monitoring services to those affected.
How to protect yourself
In the wake of this breach, here are steps you can take to safeguard your information:
1. Monitor your accounts closely: Keep an eye out for any unusual activity or unauthorized access.
2. Change passwords and passcodes: Ensure your new passwords are strong and unique to each account.
3. Enable multifactor authentication: This adds an extra layer of security beyond just a password.
4. Consider a credit freeze: Freezing your credit can prevent identity thieves from opening new accounts in your name.
5. Stay vigilant against phishing: Be cautious of emails or messages claiming to be from AT&T or related to the breach. Always verify through official channels.
6. Utilize credit monitoring services: Take advantage of AT&T's offer or explore other credit monitoring options to stay informed of potential fraud. Or, if you’re looking for a alternative solution, LifeLock’s comprehensive identity theft protection solution can help detect if your compromised data has been used, potentially by an identity thief, and can help you recover stolen funds due to identity theft.
7. Educate yourself about cybersecurity: Knowledge is power. Understanding how to protect your digital footprint can significantly reduce your risk of falling victim to cyber threats.
The AT&T data breach is a stark reminder of the vulnerabilities inherent in our digital lives. It emphasizes the importance of vigilance and proactive measures to protect our identities. At LifeLock, we're committed to offering resources and tools to help you navigate these challenges, ensuring your digital security in an increasingly connected world.
