AT&T has acknowledged the authenticity of a dataset containing the details of 73 million current and former customers after a hacker advertised it on a dark web marketplace around March 17.
🚨BREAKING🚨Allegedly, a threat actor has exposed data from AT&T @ATT. They claim the data shows SSN, DOB, Full Names, Phone, Addresses, Emails, and other info. The amount of records are 73,481,539. #ATT #Clearnet #DarkWebInformer #Cyberattack #Cybercrime #Infosec #CTI pic.twitter.com/6Q3KPPkpFK
— Dark Web Informer (@DarkWebInformer) March 17, 2024
Writing in a notice on Saturday, the telecommunications giant revealed that the dataset comprises information dating back to 2019 or earlier, affecting approximately 7.6 million present AT&T account holders and about 65.4 million past customers.
“The concern is mainly around internal processes at AT&T, which originally denied that a data breach even occurred back in 2021 before admitting it,” commented Zendata CEO, Narayana Pappu.
“Assuming this information is from the previous hack, hopefully, AT&T has already implemented remediation, asking users to update their information. If it has not, AT&T should evaluate the processes they have in place to identify exposure and remediation.”
Read more on the 2021 claims: AT&T Denies Data Breach
While AT&T has now confirmed that specific data fields from the published dataset align with its records, the company said it remains uncertain whether these originated from AT&T itself or one of its vendors.
An investigation has been initiated by AT&T to delve into the matter further. However, the source of personal information, such as social security numbers, is still under evaluation.
Currently, AT&T has not found evidence indicating unauthorized access to its systems resulting in the removal of the dataset. The company has taken proactive steps to engage with affected individuals, offering credit monitoring services where appropriate.
Current and former customers are encouraged to visit the official AT&T website for more information. Despite the severity of the situation, the company asserts that the incident has not yet significantly impacted its day-to-day operations.
“Current and former AT&T customers should assume they’ve already been breached and act accordingly,” warned Anne Cutler, cybersecurity evangelist at Keeper Security.
According to the security expert, individuals should take proactive measures. These include updating their AT&T account login credentials, subscribing to a dark web monitoring service, overseeing or freezing their credit and adhering to sound cyber-hygiene practices.
“By using strong and unique passwords for every account, enabling MFA everywhere possible, updating software regularly and always thinking before they click, individuals can greatly increase their personal cybersecurity,” concluded Cutler.
The AT&T notice comes weeks after American Express warned users that credit card data was exposed in a third-party breach.
Image credit: viewimage / Shutterstock.com