US firm AT&T says data of 73 million customers leaked on ‘dark web’

US firm AT&T says data of 73 million customers leaked on ‘dark web’

March 31, 2024   09:05 pm

Personal information belonging to millions of past and present AT&T customers has been leaked online, including Social Security numbers (SSNs), passcodes and contact details, the multinational company says.

In a statement on Saturday, the telecommunication network – the largest in the United States – said a recently discovered dataset on the “dark web” contained information for about 7.6 million current AT&T account holders and 65.4 million former users, totalling about 73 million affected accounts.

It is not known if the breach “originated from AT&T or one of its vendors”, the company said.

“To the best of our knowledge, the compromised data appears to be from 2019 or earlier and does not contain personal financial information or call history,” the statement added.

All 7.6 million existing account holders whose sensitive personal information was compromised were set to be notified about the breach AT&T. The company said it had already reset passcodes and was investigating the incident.

In addition to passcodes and SSNs, the hacked data possibly included email and mailing addresses, phone numbers and birth dates, AT&T added.

Reports of the breach first surfaced on a hacking forum nearly two weeks ago. It is unclear if the leak is linked to a similar breach in 2021 that was widely reported but that AT&T did not acknowledge.

A hacker at the time claimed to have access to data of 70 million AT&T customers, including their names, addresses, phone numbers, SSNs, and date of birth.

Auction data on a hacking forum revealed the hacker attempted to sell the stolen information for thousands of dollars.

“If they assess this and they made the wrong call on it, and we’ve had a course of years pass without them being able to notify impacted customers” then it’s likely the company will soon face class action lawsuits, cybersecurity expert Troy Hunt told The Associated Press news agency.

Troy, the creator of Have I Been Pwned? – a website that alerts subscribers to data breaches – said in a blogpost at least 153,000 of his customers were affected.

The Dallas-based company faced challenges earlier in February after an outage temporarily knocked out mobile phone service for thousands of users.

AT&T blamed the incident on a technical coding error, not a malicious attack. Other networks were also affected, but AT&T appeared to be the hardest hit.

--With agencies inputs

Disclaimer: All the comments will be moderated by the AD editorial. Abstain from posting comments that are obscene, defamatory or slanderous. Please avoid outside hyperlinks inside the comment and avoid typing all capitalized comments. Help us delete comments that do not follow these guidelines by flagging them(mouse over a comment and click the flag icon on the right side). Do use these forums to voice your opinions and create healthy discourse.

Most Viewed Video Stories

LIVE🔴Ada Derana Lunch Time News Bulletin 12.00 pm

LIVE🔴Ada Derana Lunch Time News Bulletin 12.00 pm

Public urged to follow Avurudu auspicious times prepared by state astrologers

Sri Lanka to reform primary healthcare with World Bank funding - Health Secretary (English)

Heavy rainfall experienced across the country (English)

Scientific perspective on the dawn of the Sinhala and Tamil New Year (English)

ADB urges Sri Lanka to promote private sector participation through consistent policies (English)

LIVE🔴Ada Derana Prime Time News Bulletin 6.55 pm

LIVE🔴Ada Derana Lunch Time News Bulletin 12.00 pm