American telecommunications giant AT&T has confirmed a massive data breach impacting 73 million current and former customers, whose personal information has been leaked onto the dark web.
The breach, which includes Social Security numbers, passcodes and contact details, has raised concerns over the security measures of one of the largest networks in the United States.
The breach includes data from approximately 7.6 million existing account holders and nearly 65.4 million former users.
The leaked data, believed to date back to 2019 or earlier, includes information such as full names, email addresses and dates of birth, although it does not encompass personal financial details or call history.
Thanks for reaching out. A number of AT&T passcodes have been compromised. Our teams are working with external cybersecurity experts to analyze the situation and we have reset passcodes. Learn more: https://t.co/tOZWNMOBen.
— AT&T (@ATT) March 31, 2024
AT&T remains uncertain whether the breach originated from within its infrastructure or via one of its vendors (a supply chain attack).
The hack dates back to 2021, when a hacker claimed the theft of 73 million AT&T customer records. At the time the culprit only shared a small part of the data, making it difficult to verify the claims.
However, earlier this month a data seller released what appeared to be the entire set of records on a well-known cybercrime forum, facilitating a thorough examination of the leaked data.
Security researcher Sam "Chick3nman" Croley told TechCrunch that each record in the leaked data contains the AT&T customer's account passcode in an encrypted format, which were "easy" to decipher.
TechCrunch says it alerted AT&T about the presence of these passcodes in the leaked data, after which the company initiated a mass reset.
AT&T customer account passcodes usually consist of four-digit numbers, serving as an extra security measure for accessing a customer's account, whether it's through contacting AT&T customer service or visiting retail outlets.
Despite the breach, AT&T says there's no evidence of unauthorized access leading to data exfiltration from its systems.
The company is providing guidance to customers on steps they can take to bolster their account security in light of the breach.
"If your information was impacted, you will be receiving an email or letter from us explaining the incident, what information was compromised, and what we are doing for you in response," the firm said.
"We encourage customers to remain vigilant by monitoring account activity and credit reports. You can set up free fraud alerts from nationwide credit bureaus — Equifax, Experian, and TransUnion," it added.
Cybersecurity expert Troy Hunt shared his concerns over the ramifications of the breach, noting the potential for class action lawsuits if affected customers were not promptly notified.
AT&T's wireless 5G network covers approximately 290 million people throughout the USA, making it one of the largest providers of mobile and internet services in the country.
But this isn't the first time AT&T has faced scrutiny over security lapses.
Earlier this year, the company grappled with a widespread mobile phone service outage attributed to a technical coding error. While AT&T said it was not the result of a malicious attack, the incident highlighted vulnerabilities within its infrastructure.
Back in 2019, it came out that AT&T employees had been bribed to set up rogue wireless access points inside the company's infrastructure.
This article originally appeared on our sister site Computing.
