Data released on the dark web impacts 7.6 million existing account holders and 65.4 million past subscribers.

AT&T has suffered a data breach impacting the information of 73 million of its current and past customers. The dataset leaked on the dark web contains several fields of personal data belonging to AT&T’s customers from 2019 and earlier, the company said in a public statement released on Saturday. The breached data, according to the company, affects approximately 7.6 million of its existing customers.

“AT&T has determined that AT&T data-specific fields were contained in a data set released on the dark web approximately two weeks ago,” the company said in the statement. “With respect to the balance of the data set, which includes personal information such as social security numbers, the source of the data is still being assessed.”

The company said it is unaware whether the data in those fields originated from AT&T or one of its vendors. Back in March 2023, the company suffered a breach of a similar scale that stemmed from a vendor exploit.

“AT&T has launched a robust investigation supported by internal and external cybersecurity experts,” the company said about its attempts to trace the leak.

Compromise of sensitive customer information

In addition to the 7.6 million existing customers, the dark web data also included the personal details of 65.4 million former AT&T account holders.

“The information varied by customer and account, but may have included full name, email address, mailing address, phone number, social security number, date of birth, AT&T account number and passcode,” AT&T acknowledged.

In the 2023 data breach, the attackers specifically accessed and exfiltrated the customer proprietary network information (CPNI) data which pertains to critical subscribers’ information maintained by the telecommunication companies in the US.
The CPNI consists of information on the services used, the amount paid for the services, and the type of usage opted for. The compromised data, this time, does not contain personal financial information or call history, according to the company. However, the company admits it is aware that “a number of AT&T passcodes have been compromised.”

“The recent data breach at AT&T, which has exposed sensitive customer information like Social Security numbers, names, dates of birth, and possibly addresses, presents customers with a new set of risks distinct from previous breaches involving CPNI,” said Sakshi Grover, research manager at IDC. “This breach opens the door to various dangers, including financial fraud and identity theft, as Social Security numbers are prime targets for identity thieves, enabling them to open fraudulent accounts or file false tax returns.”

“As of today, this incident has not had a material impact on AT&T’s operations,” AT&T said in the statement issued on Saturday.

Vigilance cautioned

AT&T said it is reaching out to all 7.6M impacted customers and has reset their passcodes. “We encourage customers to remain vigilant by monitoring account activity and credit reports,” the company said. Additionally, AT&T advised customers to set up free fraud alerts from global credit bureaus, including Equifax, Experian, and TransUnion.

The company’s failure to identify the source of the leak will likely affect customer trust and AT&T’s business in the long run. The huge corpus of recently breached data, along with CPNI data of 9 million customers hacked in 2023, ought to raise some eyebrows about AT&T’s internal and network security controls.

“Currently, AT&T does not have evidence of unauthorized access to its systems resulting in theft of the data set,” the company said. However, it is entirely possible that a threat actor had possession of the data from a past exploit and is only releasing them now.

“Data breaches often have delayed exposure.
Cybercriminals may hoard pilfered data for various motives. They might await opportune moments to monetize it, leverage it for subsequent attacks, or prolong their concealment to evade detection,” IDC’s Grover said. “An intruder could have infiltrated AT&T’s systems earlier using a method that has since been mitigated. However, this still leaves customers impacted.”