A pedestrian passes an AT&T store in New York, USA
Scott Mill | CNBC
announced Saturday that it is investigating a two-week-old data breach that published thousands and thousands of consumers’ data on the dark web, a a part of the Internet that can only be accessed using special software.
The company has reset the passwords of seven.6 million current users affected and said it is actively contacting those customers, in addition to 65.4 million former account holders whose data was also compromised.
“As of today, this incident has not had a material impact on AT&T’s operations,” the company wrote in a news release Saturday.
Initial evaluation by AT&T showed that the leaked data dated back to around 2019 or earlier and included personal information equivalent to names, home addresses, phone numbers, dates of birth and Social Security numbers. The dataset doesn’t contain personal financial information or call history.
AT&T encourages users who receive an email regarding a difficulty to establish fraud alert accounts and monitor account activity and credit reports. The company has not yet identified the source of the leak.
In February, AT&T customers experienced a multi-hour crisis mobile phone failure, which the company explained was attributable to a systemic issue and never a cyberattack. The company’s CEO, John Stankey, later apologized for the incident and provided credits to affected customers.