In a statement released by the largest telecommunications company in the United States, AT&T, they shared that they recently discovered a dataset for sale on the “dark web” that contained information for about 7.6 million current AT&T account holders and 65.4 million former users, totaling approximately 73 million affected accounts.
AT&T shared that the data released contained passcodes (PIN numbers) and Social Security numbers from 2019 or earlier and did not contain any other personal financial information or call history but could possibly include e-mail and mailing addresses, phone numbers and birthdates.
AT&T has reached out to all customers via e-mail or mail to let them know of the breach and to reset their passcodes. If you’re an AT&T customer, it’s important to be highly critical of any e-mail asking you to change your password. Please make sure it is from AT&T, as it’s suspected other cybercriminals will attempt to capitalize on this issue and send out fake e-mails with malicious links, hoping someone will click on them. If you’re concerned it’s a fake e-mail, call AT&T support and ask them to send another reset link while you’re on the phone.
As for the cause of the breach, it’s still unknown whether the data breach originated from AT&T or one of its vendors, but AT&T has launched an investigation and will likely hire computer forensics specialists to find the cause of the incident.
The organization will also have to scrub any installed malware out of the software that runs its customer account system without disrupting unaffected customers’ service. Between the investigation, cleaning up the issues, lawsuits, legal fees and more, this will be an expensive issue to solve.
That’s why at CoreTech, we talk about being proactive with cybersecurity so often. While no solution is 100% impenetrable, most are strong enough to keep the majority of hackers out. It is way more costly to deal with the effects of a cyber-attack than it is to prevent one in the first place.