New York, USA – In a troubling development, AT&T has revealed that over 70 million current and former customers have had their personal information exposed in a data breach that has set cybersecurity experts on high alert. The telecommunications company announced on Saturday that the breach, which occurred roughly two weeks ago, has affected 7.6 million current account holders and a staggering 65.4 million former account holders.
The compromised data set contains a wide range of sensitive information, including social security numbers, names, email and mailing addresses, phone numbers, dates of birth, as well as AT&T account numbers and passcodes. AT&T has emphasized that the breach seems to involve data from 2019 or earlier and that there is currently no evidence of unauthorized access to its systems leading to the theft of the data set.
Responding to the breach, AT&T is proactively reaching out to the impacted customers to reset their passcodes and has pledged to provide complimentary identity theft and credit monitoring services to help mitigate the fallout. Furthermore, the company has enlisted external cybersecurity experts to assist in the investigation to identify the source of the leak and strengthen its security measures.
This is not the first time AT&T has faced such a data security challenge. Over the years, the company has encountered multiple breaches, including one in March 2023 where customer information of 9 million wireless customers was accessed through a third-party marketing vendor. In a separate incident in August 2021, a hacking group claimed to possess data related to over 70 million AT&T customers, leading to renewed concerns about data protection and privacy.
The telecommunications industry as a whole has been grappling with an increase in data breaches, with other major players like T-Mobile and Verizon also experiencing significant security lapses in recent years. Reports indicate that U.S. telecommunications companies are prime targets for hackers, often through vulnerabilities in third-party vendors that can lead to widespread supply-chain attacks affecting numerous users across the globe.
In response to these growing cybersecurity challenges, the Federal Communications Commission (FCC) has revamped its data breach notification rules to hold telecommunications providers accountable for safeguarding customer information. These updated rules aim to ensure that phone companies prioritize protecting sensitive data and empower customers to take proactive measures in case of a security breach. FCC Chairwoman Jessica Rosenworcel stressed the importance of modernizing policies to keep pace with the digital age, highlighting the need for robust cybersecurity measures to protect consumer privacy.