AT&T recently announced that hackers have stolen the personal information of 73 million current and former customers, including Social Security numbers. The data, which dates back to 2019 or earlier, includes account information for approximately 7.6 million current account holders and 65.4 million former customers. The breach was first revealed in 2021 when hackers claimed to have stolen customer data from AT&T and threatened to sell it. The stolen personal information was discovered on the dark web in March 2024 by Troy Hunt, creator of Have I Been Pwned. AT&T has since contacted the current customers whose data was stolen and reset their passcodes.
The stolen personal information from the AT&T breach includes customers’ full names, email addresses, mailing addresses, phone numbers, Social Security numbers, dates of birth, AT&T account numbers, and passcodes. AT&T clarified that the data does not contain personal financial information or call history. A customer’s passcode, which is distinct from a password, is a numerical PIN typically consisting of four digits. Passcodes are required for AT&T installations, personal account functions over the phone, and contacting technical support.
AT&T has advised affected customers to change their passcodes as a precaution, even if the passcodes have already been reset for active accounts. Instructions for changing your AT&T passcode involve visiting your myAT&T Profile, signing in, and selecting the option to update your passcode. AT&T is in the process of contacting the 7.6 million current customers and 65.4 million former account holders whose data was compromised in the breach to explain the incident and the company’s response. Customers can also use services like Have I Been Pwned, Google’s Password Checkup tool, and Bitwarden’s premium version to check for leaked passwords and secure their accounts.
Monitoring your credit report for signs of fraud is essential if you suspect your personal information was part of the AT&T breach. By obtaining free annual credit reports from Equifax, Experian, and TransUnion, you can look for unusual activity such as new accounts opened without your knowledge. Additionally, utilizing a credit monitoring service like LifeLock or Credit Karma will constantly monitor your credit report for any suspicious activity. If you believe you are a victim of identity theft, place fraud alerts with the major credit bureaus, contact fraud departments of affected businesses, freeze your credit, and create a recovery plan using resources provided by the Federal Trade Commission.
Taking immediate action upon suspecting fraud or identity theft is crucial in minimizing unauthorized charges and reclaiming your identity. Placing fraud alerts with the credit reporting companies, contacting fraud departments of businesses, and freezing your credit can prevent further misuse of your information. Keeping detailed records of the theft and expenses incurred, and following a recovery plan provided by the FTC, are essential steps in the process. Stay informed about the latest cybersecurity tools and resources to protect your personal information and prevent future breaches.
