This week, AT&T is notifying customers and former customers of a massive data breach, as well as sending out emails and resetting passwords to prevent unauthorized account access. The passwords of 7.6 million customers and 65.4 million former customers were stolen and sensitive data was leaked. AT&T maintains that, based on information obtained several years ago, there was no unauthorized access to its systems that would have led to the theft of the data set.

In 2021, a group of hackers claimed to have stolen the information of 70 million AT&T customers. At the time, AT&T said it was not hacked, and the company still insists the data did not come from its own systems. Customer information; It includes names, addresses, dates of birth, AT&T account numbers, phone numbers, email addresses, and social security numbers, as well as access codes.

The data wasn’t made public until March 2024, but now that it’s available, AT&T initiated a password reset and said it was working with outside cybersecurity experts to further analyze the situation.

The company said the data breach did not involve financial information or call history and that it would provide free identity theft and credit monitoring services to those whose personal information was compromised.

AT&T determined that AT&T data fields were contained in a dataset published on the dark web. Although AT&T has made this decision, it is not yet known whether the data in these areas comes from AT&T or one of its suppliers.

As for the balance of the data set containing personal information such as social security number, the source of the data is still being evaluated. Based on our preliminary analysis, the data set appears to be from 2019 or earlier and affects approximately 7.6 million current AT&T account holders and 65.4 million former account holders. At this time, AT&T has no evidence of unauthorized access to its systems that led to the theft of the data set.

Current and former customers affected will receive a letter or email from AT&T.