Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Private data of 73 million AT&T customers leaked on dark web, including social security numbers

The company suggests that impacted customers closely monitor their accounts and credit reports

Katie Hawkinson
Monday 01 April 2024 00:52 BST
A data set posted on the dark web contains the personal information of some 73m AT&T customers

The personal information of more than 73 million people was exposed on the “dark web” after a massive cybersecurity breach of cellphone provider AT&T.

The company released a statement on Saturday revealing an unknown source posted the personal information — including social security numbers — of 65.4m former customers and 7.6m current users to the “dark web.” The data set appears to be from 2019 or earlier, according to their statement on Saturday.

The company is still assessing potential sources of the data, they said.

“Currently, AT&T does not have evidence of unauthorized access to its systems resulting in exfiltration of the data set,” the statement reads. “The company is communicating proactively with those impacted and will be offering credit monitoring at our expense where applicable.”

Those impacted should closely monitor their account activity and credit reports, the company also said. However, a preliminary investigation shows that the breach did not include customers’ personal financial information or call history.

This breach isn’t the first time AT&T has made headlines this year. Last month, the company saw a widespread service outage impacting thousands of customers. The outages were due to “the application and execution of an incorrect process” during network expansion, rather than a cyberattack, the company said in a statement at the time. The Federal Communications Commission is also investigating the attack.

Similarly, in December 2023 telecommunications company Xfinity reported that hackers exploited a vulnerability in their software and “likely acquired” customers’ usernames and passwords. The breach affected some 35.9m people. For some customers, the hackers may have also identified the last four digits of social security numbers, account security questions, birthdates and contact information.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in