AT&T outlines steps to be taken after learning passcodes of 7.6 million customers were leaked

1comment
AT&T outlines steps to be taken after learning passcodes of 7.6 million customers were leaked
AT&T has reset the account passcodes of customers impacted by a massive data leak. It will also be contacting customers whose sensitive personal information was compromised and offering them complimentary identity theft and credit monitoring services.

In 2021, AT&T said that the information belonging to 71 million customers that a hacker was selling online did not originate from an alleged breach, despite evidence to the contrary. The hacker who claimed to have gotten into AT&T's systems said "I don't care if they don't admit. I'm just selling."

Additionally, BleepingComputer spoke to more than 50 AT&T and DirectTV customers who said that the leaked data contained info about them that was only known to AT&T, such as email accounts they only used for services provided by the carrier. 

Earlier this month, another cybercriminal put the data extracted from the 2021 breach on sale. The data included sensitive customer information such as names, addresses, mobile numbers, date of birth, and social security numbers. 

It has now come to light that the data also contained the passcodes that customers use to access their accounts. TechCrunch says that the mass reset was initiated after it informed AT&T on Monday that passcodes were also leaked alongside other information. 

AT&T says on its website that 7.6 million current customers and 65.4 million former customers were impacted by the data dump. The carrier believes that the data is from 2019 or earlier. Here's a snippet from the statement:


Recommended Stories
This is the first time that AT&T has admitted that the data leaked by hackers belongs to its customers, though it isn't sure whether it originated from its systems or one of its vendors.

A passcode is a four-digit PIN and is not the same as a password. It adds an extra layer of security to customer accounts and is required when receiving customer support or managing accounts at stores.

AT&T has already reset passcodes for those customers who were impacted by the leak. It still recommends that you change yours if you have been using the same passcode for a year. 

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless