NEW YORK (AP) — The theft of delicate info belonging to thousands and thousands of AT&T’s present and former prospects has been lately found on-line, the telecommunications big stated this weekend.
In a Saturday announcement addressing the info breach, AT&T stated {that a} dataset discovered on the “darkish internet” comprises info together with some Social Safety numbers and passcodes for about 7.6 million present account holders and 65.4 million former account holders.
Whether or not the info “originated from AT&T or certainly one of its distributors” continues to be unknown, the Dallas-based firm famous — including that it had launched an investigation into the incident. AT&T has additionally begun notifying prospects whose private info was compromised.
This is what you might want to know.
WHAT INFORMATION WAS COMPROMISED IN THIS BREACH?
Though various by every buyer and account, AT&T says that info concerned on this breach included Social Safety numbers and passcodes — which, not like passwords, are numerical PINS which are sometimes 4 digits lengthy.
Full names, e mail addresses, mailing tackle, cellphone numbers, dates of beginning and AT&T account numbers might have additionally been compromised. The impacted knowledge is from 2019 or earlier and doesn’t seem to incorporate monetary info or name historical past, the corporate stated.
HOW DO I KNOW IF I WAS AFFECTED?
Customers impacted by this breach ought to be receiving an e mail or letter instantly from AT&T concerning the incident. The e-mail notices started going out on Saturday, an AT&T spokesperson confirmed to The Related Press.
WHAT ACTION HAS AT&T TAKEN?
Past these notifications, AT&T stated that it had already reset the passcodes of present customers. The corporate added that it might pay for credit score monitoring companies the place relevant.
AT&T additionally stated that it “launched a sturdy investigation” with inner and exterior cybersecurity specialists to analyze the scenario additional.
HAS AT&T SEEN DATA BREACHES LIKE THIS BEFORE?
AT&T has seen a number of knowledge breaches that vary in measurement and influence over time.
Whereas the corporate says the info on this newest breach surfaced on a hacking discussion board almost two weeks in the past, it carefully resembles an identical breach that surfaced in 2021 however which AT&T by no means acknowledged, cybersecurity researcher Troy Hunt advised the AP Saturday.
“In the event that they assess this and so they made the fallacious name on it, and we’ve had a course of years go with out them with the ability to notify impacted prospects,” then it’s seemingly the corporate will quickly face class motion lawsuits, stated Hunt, founding father of an Australia-based web site that warns folks when their private info has been uncovered.
A spokesperson for AT&T declined to remark additional when requested about these similarities Sunday.
HOW CAN I PROTECT MYSELF GOING FORWARD?
Avoiding knowledge breaches totally might be tough in our ever-digitized world, however customers can take some steps to assist defend themselves going ahead.
The fundamentals embrace creating hard-to-guess passwords and utilizing multifactor authentication when potential. For those who obtain a discover a few breach, it is good concept to alter your password and monitor account exercise for any suspicious transactions. You will additionally need to go to an organization’s official web site for dependable contact info — as scammers generally attempt to make the most of information like knowledge breaches to achieve your belief by look-alike phishing emails or cellphone calls.
As well as, the Federal Commerce Fee notes that nationwide credit score bureaus — reminiscent of Equifax, Experian and TransUnion — provide free credit score freezes and fraud alerts that customers can set as much as assist defend themselves from identification theft and different malicious exercise.
___
AP Reporter Matt O’Brien contributed to this report from Windfall, Rhode Island.