After weeks of denial, AT&T has finally acknowledged a massive data breach impacting 73 million current and former customer accounts. The telecom giant had initially claimed that a large trove of personal data leaked on the Dark Web did not originate from their systems. However, mounting evidence from cybersecurity researchers pointed to the data being authentic AT&T customer records.
In a recent statement, AT&T confessed that the leaked data set "appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders." The compromised data includes names, addresses, phone numbers, and for many, highly sensitive information like Social Security numbers and dates of birth.
"AT&T has launched a robust investigation supported by internal and external cybersecurity experts," the company's statement reads. "Currently, AT&T does not have evidence of unauthorized access to its systems resulting in exfiltration of the data set."
While AT&T claims no signs of a system breach, security experts are skeptical given the company's previous denials and the authenticity of the exposed customer records.
"The concern is mainly around internal processes at AT&T, which originally denied that a data breach even occurred back in 2021 before admitting it," said Narayana Pappu, CEO at data security firm Zendata. "Assuming this information is from the previous hack (2021), hopefully, AT&T has already implemented remediation."
The data breach has led an Ohio man to file a class-action lawsuit against AT&T, accusing the company of negligence and breach of contract. Attorneys claimed that the incident could have been prevented and that AT&T's cybersecurity failed to protect customer data.
The risks stemming from such a massive Personal Identifiable Information (PII) exposure are severe according to Anne Cutler, Cybersecurity Evangelist at Keeper Security. "The immediate concern is the potential exploitation of this exposed data, which could lead to various malicious activities such as identity theft, phishing attacks, and unauthorized access to user accounts," Cutler warned.
Both experts urge impacted individuals to take proactive steps to secure their identities and online accounts in the wake of the breach. This includes updating credentials, using password managers, enabling multi-factor authentication, freezing credit reports, and signing up for identity theft protection services.
"In cases where personal information is stolen, threats from the data breach persist even after it's been discovered and contained," Cutler stated. "It is imperative for both current and former customers of AT&T to take proactive steps to protect themselves from cybercriminals."
AT&T says it is notifying all 73 million potentially impacted individuals and will be "offering credit monitoring at our expense where applicable." However, the telecom's delayed admission and lack of transparency around this significant breach is likely to raise further scrutiny from lawmakers and regulators.
As Pappu summed up, "AT&T should evaluate the processes they have in place to identify exposure and remediation." Failure to do so could severely undermine consumer trust in AT&T's ability to secure the vast troves of customer data under their purview.
Follow SecureWorld News for more stories related to cybersecurity.
