AT&T Confirms Massive Data Breach: 73 Million Affected

On March 30th, the American telecommunications giant AT&T officially confirmed a data breach affecting approximately 73 million current and former customers. This revelation followed shortly after the hacker MajorNelson posted on BreachForums a database initially leaked by the group ShinyHunters in 2021.

Despite repeated denials from the company that the stolen data belonged to its customers, as internal investigations claimed AT&T’s systems were uncompromised, the origin of the database remained a mystery.

The company now acknowledges the authenticity of the leak, dating back to 2019, impacting around 7.6 million active and approximately 65.4 million former AT&T customers.

The leaked information includes social security numbers, names, email addresses, postal addresses, phone numbers, dates of birth, AT&T account numbers, and passwords. The company remains uncertain whether this data was obtained from AT&T’s systems or a third-party vendor and continues to refrain from speculating.

No evidence of unauthorized access to its systems, which could have led to the data leak, has been found by the company. Nevertheless, AT&T is proactively notifying affected individuals and offering credit monitoring services at its expense. This response comes belatedly, given that the database first began circulating on the darknet in 2021.

AT&T is the largest wireless communication provider in the United States by the number of subscribers. This incident is not the first data breach the company has been associated with in recent years.

Nearly a year ago, AT&T officially confirmed a leak affecting sensitive data of about 9 million customers. In 2022, the company disputed claims from renowned security researchers regarding the association of a stolen database of 23 million Americans with AT&T.