AT&T Company Cyber Security Posture

Description: AT&T suffered from a data breach incident after vendor hack that exposed 9 million customers data. The information did not contain credit card information, Social Security Number, account passwords or other sensitive personal information. The compromised data includes customer first names, wireless account numbers, wireless phone numbers, and email addresses. Customer Exclusive Network According to AT&T, information from some wireless accounts, such as the number of lines on an account or wireless rate plan, was made public.

Description: The 'Salt Typhoon' hacking campaign compromised AT&T's telecommunications network, allowing unauthorized access to Americans’ phone calls, text messages, and law enforcement wiretap systems. This blatant exploitation of cybersecurity vulnerabilities led to severe consequences, exposing the personal and operational data to potential misuse by nation-state actors. The aftermath of the breach has prompted regulatory proposals to implement basic cyber defenses and enforce cyber risk-management planning to prevent such extensive breaches in the future. This incident highlights the stark need for higher cybersecurity standards within critical infrastructure sectors.

Description: A massive data breach at AT&T resulted in hackers leaking personal information of 86 million customers. The breach, initially posted on a Russian cybercrime forum on May 15, 2025, and re-uploaded on June 3, 2025, involved a dataset believed to be from a stolen AT&T database. The leaked information includes full names, dates of birth, phone numbers, email addresses, physical addresses, and Social Security numbers (SSNs), with 43,989,219 records containing SSNs. The SSNs and dates of birth, originally encrypted, have now been decrypted, significantly escalating the risk of identity theft, financial fraud, and social engineering attacks.

Description: The California Office of the Attorney General reported that AT&T experienced unauthorized access to customer accounts between February and July 2014. The breach potentially involved Customer Proprietary Network Information (CPNI), but there is no evidence that Social Security Numbers were compromised. AT&T is offering affected individuals one year of free credit monitoring.

Description: The Vermont Office of the Attorney General reported a data breach involving AT&T on April 9, 2024. The breach occurred on March 26, 2024, when AT&T customer information was included in a dataset released on the dark web on March 17, 2024. The specific number of affected individuals is unknown, but the compromised information may have included full names, email addresses, mailing addresses, phone numbers, social security numbers, dates of birth, AT&T account numbers, and AT&T passcodes.

Description: The Maine Office of the Attorney General reported that AT&T experienced a data breach on March 26, 2024, affecting 51,226,382 individuals, including 89,842 residents. The breach involved a dataset of customer information released on the dark web, which potentially included social security numbers among other data types. AT&T is providing 12 months of identity theft protection services through Experian's IdentityWorks.

Description: The Vermont Office of the Attorney General reported a data breach involving AT&T on July 13, 2023. The breach occurred on or about May 17, 2023, and involved the retention of Personally Identifiable Information (PII) without authorization, including names, addresses, and Social Security numbers. The number of affected individuals is unknown.

Description: On June 10, 2014, the California Office of the Attorney General reported a data breach involving AT&T Mobility, LLC. The breach occurred between April 9 and April 21, 2014, involving unauthorized access to customer personal identifying information, including Social Security numbers and Customer Proprietary Network Information (CPNI). The exact number of individuals affected is unknown.

Description: AT&T faced two major data breaches in 2024, exposing sensitive information of millions of customers. The first breach, disclosed in March, compromised the personal data—including birth dates and Social Security numbers—of **73 million current and former account holders**, with the leaked dataset surfacing on the dark web. The second breach, announced in July, exposed call and text records of **nearly all** its cellular customers. These incidents led to consolidated class-action lawsuits, culminating in a proposed **$177 million settlement** ($149M for the first breach class, $28M for the second). Eligible customers can claim up to **$7,500** in compensation, contingent on documented losses traceable to the breaches. The settlement awaits final court approval (scheduled for **December 3, 2025**), with payouts delayed pending potential appeals and claim processing. The breaches underscore severe risks to customer privacy, financial security, and trust in AT&T’s data protection measures.

Description: A cybersecurity firm intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million Americans. It corresponds to current and former customers of AT&T. It intercepted a 1.6 gigabyte compressed file on a popular dark web file-sharing site. The largest item in the archive is a 3.6 gigabyte file called “dbfull,” and it contains 28.5 million records, including 22.8 million unique email addresses and 23 million unique SSNs. There are no passwords in the database. AT&T Internet is offered in 21 states and nearly all of the records in the database that contain a state designation corresponded to those 21 states; all other states made up just 1.64 percent of the records. The vast majority of records in this database belong to consumers, but almost 13,000 of the entries are for corporate entities.