What happened in the AT&T data breach?

Twingate Team

Apr 17, 2024

In March 2024, a significant data breach involving AT&T came to light, with tens of millions of records allegedly breached. The data, dating back to August 2021, was initially posted for sale before being freely released. AT&T initially maintained that there had not been a breach of their systems and that the data originated from elsewhere. However, 12 days later, AT&T acknowledged that data fields specific to them were in the breach, and it was not yet known whether the breach occurred at their end or that of a vendor. As a result, AT&T proceeded to reset customer account passcodes.

How many accounts were compromised?

The breach impacted data related to approximately 70 million individuals.

What data was leaked?

The data exposed in the breach consisted of dates of birth, email addresses, government issued IDs, names, phone numbers, and physical addresses.

How was AT&T hacked?

The AT&T data breach occurred when a threat actor known as ShinyHunters began selling a database containing the personal information of over 70 million AT&T customers in August 2021. The data was initially only accessible to those who paid for it, but later, the same data was posted for free on a public hacking forum, making it instantly accessible to anyone. The exact method used by the hackers to breach AT&T's security remains unknown, as the company has not provided specific details on how the breach occurred.

AT&T's solution

In response to the data breach, AT&T took several measures to secure its platform and prevent future incidents. The company reset the passcodes of all current customers and notified both current and former customers about the breach. AT&T also offered one year of free identity theft protection to the affected customers as a preventive measure. While the exact source of the data breach is still being assessed, AT&T is working on providing complimentary identity theft and credit monitoring services to those with compromised sensitive personal information.

How do I know if I was affected?

AT&T has notified customers believed to be affected by the breach. If you're an AT&T customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

For more specific help and instructions related to AT&T's data breach, please contact AT&T's support directly.

Where can I go to learn more?

If you want to find more information on the AT&T data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

What happened in the AT&T data breach?

What happened in the AT&T data breach?

Twingate Team

Apr 17, 2024

In March 2024, a significant data breach involving AT&T came to light, with tens of millions of records allegedly breached. The data, dating back to August 2021, was initially posted for sale before being freely released. AT&T initially maintained that there had not been a breach of their systems and that the data originated from elsewhere. However, 12 days later, AT&T acknowledged that data fields specific to them were in the breach, and it was not yet known whether the breach occurred at their end or that of a vendor. As a result, AT&T proceeded to reset customer account passcodes.

How many accounts were compromised?

The breach impacted data related to approximately 70 million individuals.

What data was leaked?

The data exposed in the breach consisted of dates of birth, email addresses, government issued IDs, names, phone numbers, and physical addresses.

How was AT&T hacked?

The AT&T data breach occurred when a threat actor known as ShinyHunters began selling a database containing the personal information of over 70 million AT&T customers in August 2021. The data was initially only accessible to those who paid for it, but later, the same data was posted for free on a public hacking forum, making it instantly accessible to anyone. The exact method used by the hackers to breach AT&T's security remains unknown, as the company has not provided specific details on how the breach occurred.

AT&T's solution

In response to the data breach, AT&T took several measures to secure its platform and prevent future incidents. The company reset the passcodes of all current customers and notified both current and former customers about the breach. AT&T also offered one year of free identity theft protection to the affected customers as a preventive measure. While the exact source of the data breach is still being assessed, AT&T is working on providing complimentary identity theft and credit monitoring services to those with compromised sensitive personal information.

How do I know if I was affected?

AT&T has notified customers believed to be affected by the breach. If you're an AT&T customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

For more specific help and instructions related to AT&T's data breach, please contact AT&T's support directly.

Where can I go to learn more?

If you want to find more information on the AT&T data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

What happened in the AT&T data breach?

Twingate Team

Apr 17, 2024

In March 2024, a significant data breach involving AT&T came to light, with tens of millions of records allegedly breached. The data, dating back to August 2021, was initially posted for sale before being freely released. AT&T initially maintained that there had not been a breach of their systems and that the data originated from elsewhere. However, 12 days later, AT&T acknowledged that data fields specific to them were in the breach, and it was not yet known whether the breach occurred at their end or that of a vendor. As a result, AT&T proceeded to reset customer account passcodes.

How many accounts were compromised?

The breach impacted data related to approximately 70 million individuals.

What data was leaked?

The data exposed in the breach consisted of dates of birth, email addresses, government issued IDs, names, phone numbers, and physical addresses.

How was AT&T hacked?

The AT&T data breach occurred when a threat actor known as ShinyHunters began selling a database containing the personal information of over 70 million AT&T customers in August 2021. The data was initially only accessible to those who paid for it, but later, the same data was posted for free on a public hacking forum, making it instantly accessible to anyone. The exact method used by the hackers to breach AT&T's security remains unknown, as the company has not provided specific details on how the breach occurred.

AT&T's solution

In response to the data breach, AT&T took several measures to secure its platform and prevent future incidents. The company reset the passcodes of all current customers and notified both current and former customers about the breach. AT&T also offered one year of free identity theft protection to the affected customers as a preventive measure. While the exact source of the data breach is still being assessed, AT&T is working on providing complimentary identity theft and credit monitoring services to those with compromised sensitive personal information.

How do I know if I was affected?

AT&T has notified customers believed to be affected by the breach. If you're an AT&T customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

For more specific help and instructions related to AT&T's data breach, please contact AT&T's support directly.

Where can I go to learn more?

If you want to find more information on the AT&T data breach, check out the following news articles: