In a Saturday announcement addressing the info breach, AT&T said a dataset found on the “dark web” accommodates information including some Social Security numbers and passcodes for about 7.6 million checking account holders and 65.4 million former account holders.
Whether the info “came from AT&T or one of its providers” remains to be unknown, the Dallas-based company noted, adding that it has opened an investigation into the incident. AT&T has also begun notifying customers whose personal information has been compromised.
Here’s what it’s essential know:
What information was compromised on this breach?
Although it varies by customer and account, AT&T said the data involved on this breach included Social Security numbers and passcodes – which, unlike passwords, are numeric PINs which can be typically 4 digits long.
Full names, email addresses, mailing addresses, phone numbers, dates of birth, and AT&T account numbers may have been compromised. The affected data is from 2019 or earlier and doesn’t appear to contain financial information or call history, the corporate said.
How do I do know if I used to be affected?
Consumers affected by this breach should receive an email or letter directly from AT&T regarding the incident. The email notifications were sent Saturday, an AT&T spokesman confirmed to The Associated Press.
What actions has AT&T taken?
Beyond these notifications, AT&T said that current users’ passcodes have already been reset. The company added that it will pay for credit monitoring services if crucial.
AT&T also said it has launched “a thorough investigation” with internal and external cybersecurity experts to further investigate the situation.
Has AT&T experienced data breaches like this before?
AT&T has experienced multiple data breaches of various size and impact through the years.
While the corporate says the info from this latest breach surfaced on a hacking forum nearly two weeks ago, it closely resembles an identical breach that surfaced in 2021, which AT&T never acknowledged. Cybersecurity researcher Troy Hunt the AP said Saturday.
“If they evaluate this and make a bad decision, and we’ve had years go by without them being able to notify affected customers,” then it’s likely the corporate will soon face a category motion lawsuit, Hunt said , founding father of an Australia-based website that alerts people when their personal information is being exposed.
An AT&T spokesman declined further comment when asked in regards to the similarities on Sunday.
How can I protect myself in the longer term?
In our increasingly digital world, it could actually be difficult to completely avoid data breaches, but there are some steps consumers can take to guard themselves in the longer term.
The basics include creating and using hard-to-guess passwords Multifactor authentication if possible. If you receive a breach notification, it’s an excellent idea to vary your password and monitor account activity for suspicious transactions. You also needs to visit an organization’s official website for reliable contact information – as scammers sometimes try to take advantage of news like data breaches to achieve your trust through similar phishing emails or phone calls.
Additionally, the Federal Trade Commission Remarks That nationwide credit reporting agencies – akin to Equifax, Experian and TransUnion – offer free credit freezes and fraud alerts that customers can arrange to guard themselves from identity theft and other malicious activity.
