Data from 73M current, former customers leaked on dark web, AT&T confirms
By Luke Barr and Meredith Deliso
Information for some 73 million current and former AT&T customers was recently posted on the dark web in a data breach, the telecommunications company confirmed on Saturday.
"AT&T has determined that AT&T data-specific fields were contained in a data set released on the dark web approximately two weeks ago," the Dallas-based company said in a statement.
AT&T said the affected data set appears to be from 2019 or earlier and impacts approximately 7.6 million current customers and approximately 65.4 million former account holders.
The data set included personal information such as Social Security numbers, AT&T said. It is unclear if the data originated from AT&T or one of its vendors, the company said.
"AT&T has launched a robust investigation supported by internal and external cybersecurity experts," the company said.
In a note to customers, the company said that a "number" of AT&T passcodes have been compromised and that it reset the passcodes for all impacted current customers.
"In addition, we will be communicating with current and former account holders with compromised sensitive personal information," the company said.
The compromised data does not appear to contain personal financial information or call history, AT&T said.
TechCrunch reported that it had informed AT&T on Monday that the leaked data contained encrypted passcodes that were easy to decipher.
This is not the first time the company has experienced issues this year. In February, an outage temporarily knocked out cellphone service for tens of thousands of customers in the U.S. The network disruption was caused by a software update, the company said at the time.