The leaked data, which was released on the dark web two weeks ago, includes personal information such as Social Security numbers. The data appears to be from 2019 or earlier and does not contain financial information or specifics about call history.
The leak affected approximately 7.6 million current account holders and 65.4 million former account holders. AT&T is reaching out to customers, asking them to reset their account passcodes, and is offering credit monitoring at their expense where applicable.
The company was alerted of a potential leak about two weeks ago, but it is still unclear whether the data originated from AT&T or one of its vendors. AT&T has stated that it currently does not have evidence of unauthorized access to its systems resulting in the exfiltration of the data set.
The investigation into the source of the data leak is ongoing. As of now, AT&T has not been able to provide a clear explanation as to why millions of its customers’ data ended up online. The company is working to confirm that the data set discussed today is the same dataset that has been recycled several times on this forum. The source of the breach remains inconclusive, and it’s not clear if AT&T even knows where the data came from.
read more > edition.cnn.com