A massive cybersecurity breach at mobile phone provider AT&T has exposed the personal information of more than 73 million people to the “dark web.”
The company released a statement on Saturday revealing that an unknown source posted personal information, including social security numbers, of 65.4 million former customers and 7.6 million current users on the “dark web.” The data set appears to date back to 2019 or earlier, according to a statement on Saturday.
The company is still evaluating potential data sources.
“At this time, AT&T has no evidence of unauthorized access to its systems that would result in the exfiltration of data sets,” the statement said. “We are actively communicating with those affected and will provide credit monitoring, at our expense, where applicable.”
The company also said affected individuals should closely monitor their account activity and credit reports. However, a preliminary investigation revealed that the breach did not include customers' personal financial information or call logs.
This breach is not the first time AT&T has made headlines this year. The company experienced widespread service outages last month that affected thousands of customers. The company said in a statement at the time that the outage was not due to a cyberattack, but rather due to “incorrect application and execution of processes” during network expansion. The US Federal Communications Commission is also investigating the attack.
Similarly, in December 2023, telecommunications company Xfinity reported that hackers exploited vulnerabilities in its software and “may have obtained” customer usernames and passwords. Approximately 35.9 million people were affected by this breach. For some customers, hackers may have also determined the last four digits of their Social Security numbers, account security questions, dates of birth, and contact information.