AT&T stated on Saturday that it is probing an event from two weeks prior, during which millions of customers’ data was exposed on the dark web, a segment of the Internet accessible only through specialized software.
The corporation has initiated password resets for the 7.6 million current users affected and has begun reaching out to them, as well as to the 65.4 million former account holders whose data was also compromised.
“As of today, this incident has not had a material impact on AT&T’s operations,” the company stated in a Saturday press release.
An initial examination by AT&T revealed that the leaked data dates back to approximately 2019 or earlier, containing personal details such as names, addresses, phone numbers, birth dates, and Social Security numbers. Notably absent from the dataset are personal financial details or call histories.
AT&T has advised users, who will be notified via email if they were impacted, to establish fraud alert accounts and diligently monitor their account activity and credit reports. The origin of the leak has not yet been determined.
In February, AT&T customers encountered an extended cellular outage, attributed by the company to a system glitch rather than a cyberattack. CEO John Stankey subsequently apologized for the disruption and offered customer credits to those affected.