Here's What You Can Do When Your AT&T Data Was Leaked to The Dark Web

AT&T customers should begin reviewing their credit records and upgrading their passwords. Your AT&T credentials may be available for purchase in a database on illicit hacking sites.

Your AT&T Information May Be Compromised Once More

Researchers at Hackread have seen hackers marketing a database containing 86 million customer records obtained from an AT&T data breach in 2024. The database was published on a Russian cybercrime site on May 15 and subsequently on June 3, following which it began to surface on additional forums.

The precise quantity of compromised records is disputed. Hackread asserts that 86 million records were compromised, however a post offering the database alleges that 70 million records were involved. Nevertheless, the compromised data presents a more significant issue.

Hackread examined the compromised data and identified the subsequent information available for purchase:

• Complete names

• Birthdates

• Telephone numbers

• Email addresses

• Geographical locations

• Total Social Security numbers: 43,989,219

Compounding the issue, the birthdays and Social Security numbers (SSN) recorded in the database were originally encrypted. Nonetheless, hackers have successfully decrypted the data, and it is now presented as plain text.

If you are an AT&T subscriber, your name, address, date of birth, phone number, and Social Security Number are certainly included in the compromised database.

This is not the inaugural instance of AT&T experiencing a breach and having its data offered for sale. A prior data breach in July 2024 impacted almost all cellular users; nevertheless, the corporation believed the compromised data was not accessible online. A subsequent breach occurred in March 2024, compromising client data from 2019 and prior, impacting 7.6 million current and 65.4 million previous consumers.

This recent database available for purchase was reportedly amassed over time from multiple data breaches. This encompasses the August 2024 National Public Data breach in which a hacker disseminated over 3.2 billion Social Security Numbers, in addition to other personal information, online. Without official confirmation from AT&T, we cannot ascertain the origin of the data leak.

Hackread's study indicates that the recent breach is "well-structured, clearly formatted, and systematically divided into three CSV files," facilitating a comprehensive understanding of the data represented in each field. All previously encrypted Social Security Numbers have been meticulously decoded and integrated into this new database; hence, unless this information was directly obtained from AT&T, much effort has been expended to amalgamate data from several breaches to construct this database.

Strategies to Combat Data Breaches

To safeguard yourself in the future, it is advisable to change your AT&T account password, establish multi-factor authentication if it is not already in place, and diligently check your credit for any indications of fraud. Temporarily freezing your credit can serve as a protective measure if your data has been compromised.

Additionally, remain vigilant for any fraudulent or phishing attempts that hackers may direct towards you. The compromised data is extremely sensitive; such extensive information facilitates online impersonation by hackers and scammers. This indicates that your friends and colleagues are likewise vulnerable.