What to Do After a Massive AT&T Data Breach
AT&T is having a tough year. Back in February , customers experienced a massive network outage that lasted about 12 hours . The company has another round of bad news this month: AT&T suffered a massive data breach that affected more than 70 million customers (7.6 million current and 65.4 million former). The data ended up on the dark web, a popular place for criminals to sell stolen data and information, and the company doesn’t know for sure whether the leak occurred through AT&T itself or through third-party vendors.
What AT&T information was leaked in the data breach?
AT&T only directly tells customers what information was compromised, so we don’t know the exact details that were leaked on the dark web. However, the company said the information is “customer and account specific” and could include your full name, birthday, email address, mailing address, phone number and Social Security number in addition to your AT&T account number and password. Some data is obviously more sensitive than others, so not everyone will have the same experience.
However, whatever information was stolen is likely to be recent. AT&T says the data set dates back to 2019 and earlier, so it doesn’t appear to include any information from the last four to five years. Of course, people aren’t in the habit of changing their Social Security number often, but if you’ve moved or changed email addresses, hackers may have gotten outdated information.
If you are one of the affected customers, AT&T will contact you directly via email or letter to let you know what data was compromised. Hackers claimed to have leaked similar data back in August 2021 ; at that point, the dataset had only been partially published, so it was not clear whether the data was actually legitimate. AT&T says the events are unrelated.
What should I do if my AT&T data has been leaked?
AT&T actively resets active customers’ passwords (the four-digit PIN you use to verify your identity with the company), regardless of whether they were compromised or not. The first thing you should do is add new code that you create yourself. To do this, log into your myAT&T profile , click Get a New Password , go to My Linked Accounts , select Change for the password you want to update, and then follow the onscreen instructions.
Now may be the time to change your password . If you haven’t already, setting up two-factor authentication for your account can help prevent hacking if someone steals your password, since you’ll need access to a trusted device to authenticate. AT&T also recommends setting up fraud alerts through the credit bureaus Equifax , Experian and TransUnion , as stolen Social Security numbers can be used for identity theft. While these services are free, the company is offering free identity theft and credit monitoring to all affected users, so look for setup instructions in your email or letter from AT&T.