AT&T reported that hackers have obtained the personal information of 73 million current and former customers, including Social Security numbers, with data dating back to 2019 or earlier. The leak was first disclosed in 2021 when the hackers claimed they had accessed customer data from AT&T. In March 2024, the stolen information was found on the dark web by Troy Hunt, creator of Have I Been Pwned. AT&T has reached out to the 7.6 million current customers affected, resetting their passcodes. It is advised for both current and former customers to take steps to mitigate potential damage from the breach.
The stolen personal information from AT&T includes full names, email addresses, mailing addresses, phone numbers, Social Security numbers, dates of birth, AT&T account numbers, and passcodes. AT&T assured that personal financial information or call history was not compromised. A customer’s passcode is a four-digit numerical PIN used for AT&T installations, account functions, and technical support. AT&T has reset passcodes for affected active accounts and advises customers who haven’t changed their passcode recently to do so as a precaution.
AT&T will notify the 7.6 million current customers whose data was stolen about the breach, the compromised information, and the company’s response. Passcodes for affected current customers have already been reset. Meanwhile, communication is ongoing with the 65.4 million former account holders whose data was accessed. Instead of waiting for AT&T’s notification, individuals can use tools like Have I Been Pwned and Google’s Password Checkup to check if their data has been exposed. Changing passcodes and passwords can enhance the security of your account.
To safeguard against potential fraud resulting from the AT&T breach, individuals can monitor their credit reports for any suspicious activity. Credit reports from major bureaus can be obtained annually for free, and credit monitoring services can be used for continuous surveillance. In case of suspected fraud or identity theft, placing fraud alerts with credit reporting agencies, contacting fraud departments of relevant companies, and freezing credit are recommended steps to prevent unauthorized charges and protect one’s identity. Keeping detailed records and creating a recovery plan can aid in disputing fraudulent charges.
If there is a suspicion of personal information being compromised, taking immediate action is crucial to prevent further unauthorized activity and initiate the recovery process. Placing fraud alerts with credit reporting companies, contacting fraud departments of affected businesses, freezing credit, and developing a recovery plan are essential steps to combat identity theft. Documenting all related expenses and conversations will assist in resolving the issue. Utilizing password managers and VPN services can further enhance online security and protect personal data from cyber threats.
