If you’re an AT&T customer, now’s the time to take action. A massive data breach has exposed personal information from millions of accounts—and that data is reportedly up for sale on underground hacking forums.
According to cybersecurity researchers, a database containing up to 86 million AT&T customer records is being sold on Russian cybercrime forums. This leaked info includes sensitive personal details like:
- Full names
- Birthdates
- Phone numbers
- Email addresses
- Physical addresses
- And nearly 44 million decrypted Social Security numbers
Yes, you read that right—Social Security numbers. Originally encrypted, many have since been cracked and are now circulating in plain text. Translation? That’s a goldmine for identity thieves.
What Should You Do?
1. Check your credit reports – Look for any unfamiliar accounts or activity. You’re entitled to a free credit report every year from each major bureau at AnnualCreditReport.com.
2. Change your AT&T account password – Especially if you haven’t updated it recently, or if you reuse that password elsewhere.
3. Set up fraud alerts or credit freezes – It’s a smart move to stop scammers from opening new accounts in your name.
4. Monitor for identity theft – Consider using an identity monitoring service that can alert you to suspicious activity across your credit, bank, and public records.
5. Protect your digital life – Consider signing up for a McAfee+ protection plan. You’ll get automatic scam alerts, security for unlimited devices, and 24/7 identity monitoring—plus up to $2 million in identity theft coverage and recovery support from U.S.-based experts. McAfee handles the heavy lifting with dark web monitoring and scam prevention, so you can get back to living your life with confidence.
This isn’t the first time AT&T has faced a data breach—and unfortunately, it might not be the last. Taking steps now can help keep your identity safe in the long run.
First reported on July 12th, AT&T’s data breach exposed call and text records for a large portion of its customer base. This includes customers on mobile virtual network operators (MVNOs) that use AT&T’s network, like Cricket, Boost Mobile, and Consumer Cellular.
The compromised data covers a period between May 1, 2022, and October 31, 2022, with a small number of records from January 2, 2023, also affected. According to AT&T, hackers gained access through a third-party cloud platform account, similar to breaches at Ticketmaster and Santander Bank.
What Information Was Exposed?
The stolen data reveals the phone numbers customers communicated with, along with the frequency and total duration of calls/texts for specific periods. However, AT&T assures customers that the content of calls or texts, timestamps, Social Security numbers, dates of birth, or other personal details were not compromised.
What AT&T is Doing
AT&T claims the data isn’t publicly available and has secured the access point used by the hackers. They’re collaborating with law enforcement to apprehend those involved, with one arrest already reported. AT&T will notify affected customers and offer resources to protect their information.
This incident follows a previous leak earlier this year that exposed data of over 70 million AT&T customers, details of that leak can be found below.
AT&T, one of the largest telecom giants, recently acknowledged a significant data leak that has affected millions of its customers. The leaked dataset, which includes personal information such as names, addresses, phone numbers, and Social Security numbers, has raised concerns about privacy and security. In this blog post, we will provide an overview of the situation, explain the steps AT&T is taking to address the issue, and offer guidance on how you can protect yourself.
The Data Leak: AT&T has confirmed that the leaked dataset contains information from over 7.6 million current customers and 65 million former customers. The compromised data may include full names, email addresses, mailing addresses, phone numbers, Social Security numbers, dates of birth, AT&T account numbers, and passcodes. The company has reset the security passcodes of affected active customers.
AT&T’s Response: AT&T is actively reaching out to affected customers via email or letter to inform them about the data that was included in the leak and the measures being taken to address the situation. The company has also initiated a thorough investigation, working with external cybersecurity experts to analyze the incident. So far, there is no evidence of authorized access to AT&T’s systems resulting in data exfiltration.
Protecting Yourself: If you are an AT&T customer, it is crucial to take steps to protect yourself from potential fraud or identity theft. AT&T recommends setting up free fraud alerts with credit bureaus Equifax, Experian, and TransUnion. These alerts can help notify you of any suspicious activity related to your personal information. Additionally, consider implementing the following measures:
- Monitor Your Accounts: Regularly review your bank statements, credit card statements, and other financial accounts for any unauthorized transactions.
- Change Passwords: Update your passwords for all online accounts, including your AT&T account. Use strong, unique passwords and consider using a password manager to securely store them.
- Enable Two-Factor Authentication: Enable two-factor authentication whenever possible to add an extra layer of security to your accounts.
- Be Cautious of Phishing Attempts: Stay vigilant against phishing emails, calls, or texts that may try to trick you into revealing sensitive information. Be skeptical of any unsolicited communications and verify the source before sharing any personal data
- Enroll in an Identity Monitoring service. McAfee+ can help keep your personal info safe, with early alerts if your data is found on the dark web. We’ll monitor the dark web for your personal info, including email, government IDs, credit card and bank account numbers, and more
McAfee+ automatically monitors your personal data, including your:
✓ Social Security Number / Government ID
✓ Driver’s license number
✓ Passport number
✓ Tax ID
✓ Date of birth
✓ Credit card numbers
✓ Bank account numbers
✓ Usernames
✓ Insurance ID cards
✓ Email addresses
✓ Phone numbers
AT&T’s data leak is a concerning incident that highlights the importance of safeguarding personal information in the digital age. By staying informed, taking proactive measures to protect yourself, and remaining vigilant against potential threats, you can minimize the risk of falling victim to fraud or identity theft. Remember, your privacy and security are paramount, and it’s crucial to stay one step ahead of cybercriminals.
The post Your Social Security Number Could be for Sale: AT&T Data Breach Exposes 44M SSN Numbers appeared first on McAfee Blog.
