Millions of current and former AT&T customers’ leaked data, including Social Security numbers, were posted on the dark web earlier this month.
The leak prompted a “robust investigation supported by internal and external cybersecurity experts,” the telecommunications giant said Saturday.
The compromised data appears to be from 2019 or earlier and included the information of roughly 7.6 million current customers and 65.4 million former ones, AT&T said.
The leaked information may have included customers’ names, email and mailing addresses, phone numbers, Social Security number, dates of birth, AT&T account numbers and passcodes.
“It is not yet known whether the data in those fields originated from AT&T or one of its vendors,” the company said, adding that there is no evidence so far that the leak was caused by unauthorized access to the company’s systems.
AT&T reset affected customers’ passwords after TechCrunch alerted the company Monday that a huge trove of data containing customers’ passwords had been dumped on the dark web, the outlet reported.
The company said it is reaching out to those affected by the breach to let them know what information was leaked and is offering free identity theft and crediting monitoring services.
The leak came a month after millions of AT&T customers experienced a nationwide cellphone outage that left some without service for up to 12 hours. The company blamed the disruption on a software update gone awry.