Read the text below.
The theft of sensitive information belonging to millions of AT&T’s current and former customers has been recently discovered online, the telecommunications giant said in March.
In a March 30 announcement addressing the data breach, AT&T said that a dataset found on the “dark web” contains information including some Social Security numbers and passcodes for about 7.6 million current account holders and 65.4 million former account holders.
Whether the data “originated from AT&T or one of its vendors” is still unknown, the Dallas-based company noted—adding that it had launched an investigation into the incident. AT&T has also begun notifying customers whose personal information was compromised.
Consumers impacted by this breach should be receiving an email or letter directly from AT&T about the incident. The email notices began going out on March 30, an AT&T spokesperson confirmed to The Associated Press.
Beyond these notifications, AT&T said that it had already reset the passcodes of current users. The company added that it would pay for credit monitoring services where applicable. AT&T also said that it “launched a robust investigation” with internal and external cybersecurity experts to investigate the situation further. AT&T has seen several data breaches that range in size and impact over the years.
While the company says the data in this latest breach surfaced on a hacking forum several weeks ago, it closely resembles a similar breach that surfaced in 2021 but which AT&T never acknowledged, cybersecurity researcher Troy Hunt told the AP.
Avoiding data breaches entirely can be tricky in our ever-digitized world, but consumers can take some steps to help protect themselves going forward.
The basics include creating hard-to-guess passwords and using multifactor authentication when possible. If you receive a notice about a breach, it’s a good idea to change your password and monitor account activity for any suspicious transactions. You’ll also want to visit a company’s official website for reliable contact information—as scammers sometimes try to take advantage of news like data breaches to gain your trust through look-alike phishing emails or phone calls.
This article was provided by The Associated Press.