The ‘AT&T breach’—what you need to know

Earlier this week, the data of over 70 million people was posted for sale on an online cybercrime forum. The person selling the data claims it stems from a 2021 breach at AT&T.

Back in 2021, a hacker named Shiny Hunters claimed to have breached AT&T and put the alleged stolen data up for sale for $1 million for a direct sell. Fast forward three years and another threat actor calling themselves MajorNelson has leaked what they say is the same data.

However, AT&T denies (both in 2021 and, now, in 2024) that the data came from its systems, telling BleepingComputer that it’s seen no evidence of a breach. No response was received to a follow-up question on whether the data could come from a third-party provider.

The data posted online includes names, addresses, mobile phone numbers, dates of birth, social security numbers, and other internal information. Almost the same set was offered for sale in 2021, but the encrypted date of birth and social security numbers have since been decrypted and added to the set as supplemental files for most records.

Several sources have verified the dataset (or parts thereof) contains valid data.

What to do

AT&T still hasn’t confirmed that the data came from its systems, nor from a third party. However, there are some general actions you can take if you are an AT&T customer:

  • Watch out for people posing as AT&T. Data breaches are great for scammers because they can contact you pretending to be from the (in this case alleged) breached company. If you receive an email, phone call or something similar from someone claiming to be from AT&T be cautious and contact AT&T directly to check it’s real.
  • Take your time. Scammers often use themes that require urgent attention to hurry you into making a decision, filling in a form or giving away personal data. Take a step back and don’t give away any personal or financial information.
  • Set up identity monitoring. Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.

Check if your data has been breached

Our Digital Footprint records now include the AT&T data so you can check if your information has been exposed online. Submit your email address (it’s best to submit the one you most frequently use) to our free Digital Footprint scan and we’ll send you a report.

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.