AT&T Suffers Another Data Breach, Affecting 73 Million Users

The US telecom giant AT&T revealed over the weekend that it has suffered a massive data breach affecting millions of users. The company stated that a data set circulating on the dark web contains sensitive personal information of approximately 73 million current and former users.

According to AT&T, the exposed data involves about 7.6 million active account holders and 65.4 million former users. The leaked information varies by individual but includes social security numbers, full names, email addresses, dates of birth, as well as AT&T account credentials and passwords.

Although AT&T claimed the incident has not had a “substantial” impact on its operations yet, it still raises concerns over the company’s data security capabilities. As of now, AT&T has not determined the exact source of the data breach. However, preliminary analysis suggests that the leaked data may date back to 2019 or earlier.

The telecom giant has taken steps to address the situation. It is contacting all affected current users via email and resetting their account passwords. AT&T also plans to provide free identity theft and credit monitoring services to both current and former users whose sensitive data has been exposed. External cybersecurity experts have also been brought in to investigate the matter.

Consumer advocacy groups are urging affected users to not only change passwords and monitor account activity but also consider freezing their credit reports with the three major credit bureaus to prevent potential identity theft.

This is not the first time AT&T has experienced a data breach. In March of last year alone, personal information of 9 million wireless customers was illegally obtained by a marketing vendor. In August 2021, a hacker group also claimed to have data on 76 million AT&T users, which AT&T questioned the validity of at the time.

In fact, data breaches have long been a persistent issue plaguing the US telecom industry. In 2023, a breach affected 37 million T-Mobile customers. Just last month, Verizon also suffered a data breach impacting over 63,000 people, mostly employees.

In a report last year, cybersecurity firm Cyble pointed out that telecom companies have become lucrative targets for hackers due to the vast amount of user data they hold. The report attributed most breaches to security vulnerabilities stemming from third-party vendors.

To strengthen oversight, the US Federal Communications Commission (FCC) updated its data breach notification rules last December, requiring telecom carriers to properly safeguard customer information and promptly notify users in the event of a breach. The FCC chair stated that the existing rules had become outdated and must evolve to ensure network and user data security in the digital age.

Data breaches have dealt a double blow to telecom operators, both financially and reputationally. Yet, it is often the innocent consumers who bear the ultimate brunt. While the industry undoubtedly needs to urgently bolster its own security defenses, government regulation must also keep pace to truly protect user interests.

FAQ

Q: How do I know if my information has been leaked?

• AT&T is notifying all affected current users by email.
• You can also use a service like Trend Micro ID Protection to scan your personal information for free.

Q: What can I do to prevent further harm if my information has been leaked?

Take the following steps:

• Run a local antivirus scan to check for security threats on your devices.
• Change your passwords.
• Enable two-factor authentication.
• Check your credit report.
• Request a credit freeze from the credit bureaus.

Q: How can I prevent my information from being leaked in the future?

Be careful when browsing the web and opening links to prevent phishing attacks.

Consider using a third-party service like Trend Micro ID Protection to track your personal information. You will be notified immediately if there is a data breach involving your information.