Millions of AT&T customers saw their data, including sensitive information, published online late last week. The leak appears to be linked to a data breach from 2021, which AT&T denied at the time.
The leak first came to light in 2021, when it was hackers claimed they’d stolen customer data from AT&T and said they were putting the information up for sale. Pieces of a set of data, allegedly from AT&T, were then published, but no breach was ever specifically verified. To boot, AT&T outright denied that this leak even took place.
The news returned to the surface when the full set of that same stolen data was alleged to have been leaked late last week. The newly leaked data set included sensitive information such as Social Security numbers, home addresses and names. Troy Hunt, creator of Have I Been Pwned?, a website that allows you to see if you were involved in a breach and what data was compromised, analyzed the leaked data in a blog post.
Hunt’s post explains the technical aspects of the leak, but doesn’t draw a conclusion about where the data came from or who stole it. One thing is clear, though: Hunt feels that he has “proven, with sufficient confidence, that the data is real and the impact is significant.”
Ultimately, it doesn’t matter where the leaked information came from. If your personal information is out there for everyone to see, you’re going to want to do something about it. We’ve rounded up what you need to know about the alleged AT&T breach and what next steps you can to take if you find your information has been exposed.
For more, here’s our picks for the best identity theft protection and monitoring services and how Consumer Report’s permission slip can help you take control of your online data.
AT&T did not immediately respond to CNET’s request for comment.
What to know about the alleged AT&T data breach
AT&T denied that this breach came from the cell phone provider in 2021, when it was initially reported, and then again in 2024 when the…
Read the full article here