AT&T admits massive data leak of customers on dark web. What details exposed?

AT&T Inc. disclosed that personal data from approximately 7.6 million existing account holders and 65.4 million former customers has been leaked onto the dark web.
The telecommunications giant announced on Saturday that a dataset, discovered on the “dark web,” contains sensitive information, including Social Security numbers, belonging to about 7.6 million current AT&T account holders and 65.4 million former account holders.
ALSO READ- PM Modi, Bill Gates discuss AI, India’s key role in tech
1. The compromised data dates back to 2019 or earlier.
2. AT&T said that the leaked data does not appear to contain any financial information or call history.
3. The compromised data may contain various personal details such as passcodes, Social Security numbers, email addresses, mailing addresses, phone numbers, and birth dates.
ALSO READ- Tech layoffs March 2024: Apple, Dell, IBM and other companies cut jobs. Complete details here
AT&T said that it currently has no evidence of unauthorised access to its systems. The leaked data’s origin is still uncertain, with AT&T stating it’s unclear whether it came from the company or one of its vendors.
As of Saturday, the leak has not significantly impacted its operations. In response to the incident, the company reset passwords for millions of customer accounts, the statement added.
“The company is communicating proactively with those impacted and will be offering credit monitoring at our expense where applicable,” according to the statement.
Passcodes for current users have already been reset, and the company plans to reach out to account holders whose sensitive personal information was compromised, it said.
ALSO READ- CoWIN ‘data leak’: How a bot reignited privacy fears
AT&T is ranked as the third-largest US retail wireless carrier, only behind Verizon Communications Inc. and T-Mobile US Inc., according to Bloomberg data.
The Dallas-based company in February faced an outage that disrupted cellphone service for thousands of US users. AT&T attributed the incident to a technical coding error, ruling out any malicious intent.
(Inputs from Bloomberg and AP)