AT&T Finally Confirms Data Breach And Resets Passcodes of Millions of Customers

Two years ago, AT&T experienced a hack and the company has recently admitted to it by announcing that they will be resetting passcodes for their current customers. These passcodes were originally used by 65.4 million previous customers and 7.6 million new customers, but AT&T has clarified that they will only be resetting passcodes for their active customers. The leaked information may have included personal details such as full name, email address, mailing address, phone number, social security number, date of birth, AT&T account number, and passcode.

AT&T Takes Action: Passcodes Reset for Active Customers Affected by Data Breach

The telecommunications company is currently sending emails and letters to customers who were impacted by the breach, informing them about the incident and providing further information. Additionally, the company is disclosing the types of data that were compromised and the measures it is implementing to protect its customers. It is surprising that the company was unaware of the hack, as initial reports date back to 2021.

After being informed by TechCrunch about the vulnerability of their encrypted passcodes on Monday, AT&T has confirmed the authenticity of the leaked data. The passcodes, which are usually four-digit numbers used to verify customer accounts, were encrypted but can still potentially be decrypted. However, it should be noted that no customer passwords were compromised in the data breach.

As previously noted, in addition to the passcodes used to authenticate accounts, the data breach also exposed personal information such as birth dates, addresses, phone numbers, Social Security numbers, and customer names. Although AT&T has denied any data breaches in 2021, they maintain that there is no information available regarding the breach or “unauthorized access to their systems which resulted in the extraction of the data set.”

AT&T has created a dedicated webpage to address the data breach, providing users with necessary steps to secure their accounts. According to cybersecurity expert Troy Hunt, the company’s decision to delay notifying affected customers was incorrect, and it has taken several years to do so. This delay may potentially lead to a class action lawsuit against the company for failing to acknowledge the data breach, despite evidence being discovered on hacking forums.

It is important for customers to implement safety precautions in order to protect their accounts and monitor any suspicious activity. That is the extent of what needs to be done, and we will provide additional information as it becomes available.