Tube4vids logo

Your daily adult tube feed all in one place!

AT&T acknowledges massive data leak affecting 73MILLION users as the telecom giant resets account passcodes for customers - after previously denying they'd been compromised

PUBLISHED
UPDATED
VIEWS

AT&T reset account passcodes for millions of customers this week after acknowledging a massive data leak that affected more than 73 million users.

The telecom giant said the leaked dataset appears to be from 2019 or earlier, impacting around 7.6 million current AT&T account holders and 65.4 million former account holders.

The leaked dataset includes names, home addresses, phone numbers, Social Security numbers, and dates of birth, as reported by TechCrunch.

A security researcher who analyzed the dataset found it contained encrypted passcodes, prompting the carrier to initiate a resetting process, according to the outlet.

The revelation comes a week after the carrier denied a breach of its systems, saying there's 'no indications of a compromise'. 

AT&T reset account passcodes for millions of customers this week after acknowledging a massive data leak that affected more than 73 million users

AT&T reset account passcodes for millions of customers this week after acknowledging a massive data leak that affected more than 73 million users

The telecom giant said the leaked dataset appears to be from 2019 or earlier, impacting around 7.6 million current AT&T account holders and 65.4 million former account holders. Pictured: a hacker posted what they claimed were 70 million AT&T records to a forum in August, 2021

The telecom giant said the leaked dataset appears to be from 2019 or earlier, impacting around 7.6 million current AT&T account holders and 65.4 million former account holders. Pictured: a hacker posted what they claimed were 70 million AT&T records to a forum in August, 2021 

AT&T customer account passcodes are four-digit numbers used to access user accounts either online or in retail stores. 

In a statement released on Saturday, AT&T said: 'AT&T has launched a robust investigation supported by internal and external cybersecurity experts. 

'Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders.'

'AT&T does not have evidence of unauthorized access to its systems resulting in exfiltration of the data set,' the statement said. 

The company added 'it is not yet known whether the data in those fields originated from AT&T or one of its vendors.' 

The shocking revelation comes after a data seller dumped massive rolls of alleged AT&T customer records on a cybercrime forum earlier this month. 

The dataset contains 73million records including 49million unique email addresses, 44million Social Security numbers, and 43,000 dates of birth, according to Troy Hunt, a security researcher. 

After obtained a copy of the dataset and analyzed it, Hunt said in a blog post that the leaked data was real. 

The researcher, who owned data breach notification site Have I Been Pwned, asked his subscribers if they were AT&T customers and the data looked accurate. 

Users have since come forward, saying the leaked data indeed contained their personal information, Hunt said. 

The leaked dataset includes names, home addresses, phone numbers, Social Security numbers, and dates of birth, according to security experts who analyzed the data

The leaked dataset includes names, home addresses, phone numbers, Social Security numbers, and dates of birth, according to security experts who analyzed the data

In 2023, AT&T suffered data breaches with one in March when the company notified nine million people about the cyberattack

In 2023, AT&T suffered data breaches with one in March when the company notified nine million people about the cyberattack

One answer that Hunt received reads, 'That it my info. I am an AT&T customer,' and another person says, 'Unfortunately it looks accurate. I was an AT&T customer back in 2014 but not now.' 

At the time, AT&T spokesperson Stephen Stokes did not confirm if the alleged dataset was valid and how it's spilled online. 

He wrote in a statement: 'We have no indications of a compromise of our systems. We determined in 2021 that the information offered on this online forum did not appear to have come from our systems. 

'This appears to be the same dataset that has been recycled several times on this forum.' 

Rumors about AT&T data leak emerged three years ago when a hacker posted what they claimed were 70 million AT&T records to a forum in August, 2021. 

The person, known as ShinyHunters on the forum, has a proven history of breaching large organizations, according to Hunt. 

The person attempted to sell the database with a starting price of $200,000 and incremental offers of $30,000. The hacker also said they were willing to sell it immediately for $1million.

In February this year, 70,000 users were left without phone signal for hours during a massive outage

In February this year, 70,000 users were left without phone signal for hours during a massive outage 

The company blamed the outage on a 'software update glitch' as it expanded its network coverage

The company blamed the outage on a 'software update glitch' as it expanded its network coverage 

In 2023, AT&T suffered data breaches with one in March when the company notified nine million people about the cyberattack. 

The company blamed a third-party vendor that was attacked by hackers in January and said its own system was not compromised. 

In February this year, 70,000 users were left without phone signal for hours during a massive outage. 

The company blamed the outage on a 'software update glitch' as it expanded its network coverage. 

However, there had been speculation that the issue may have been the result of a cyberattack. 

Cyber experts also told DailyMail.com the issue had hallmarks of a cyberattack, potentially an attempt by hackers to blackmail the company or steal user data. 

Although the company insisted there were 'no indications of malicious activity', both the Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) were on the hunt to track down what disrupted service. 

Comments