AT&T, the telecommunications company, has officially confirmed that data pertaining to approximately 73 million of its present and past customers private account data has been illicitly disclosed on the dark web.
In a formal statement, the Dallas-based company stated that AT&T has concluded that data-specific fields belonging to AT&T were present in a dataset that was released on the dark web around two weeks ago.
AT&T has reported that the data set in question seems to be from the year 2019 or earlier. This data breach has affected around 7.6 million current customers and approximately 65.4 million former account holders.
AT&T stated that the data set contained personal information, including Social Security numbers. The company indicated that it is uncertain whether the data was sourced from AT&T itself or one of its vendors.
The company stated that AT&T has initiated a comprehensive investigation with the assistance of both internal and external cybersecurity professionals.
The company has informed customers that a "number" of AT&T passcodes have been compromised. As a precautionary measure, the company has reset the passcodes for all affected current customers.
Furthermore, the company stated that it will engage in communication with both present and past account holders who have experienced the compromise of their sensitive personal information.
AT&T has stated that the compromised data does not seem to include any personal financial information or call history.
TechCrunch formally notified AT&T on Monday that the leaked data comprised encrypted passcodes that could be easily decrypted.
This is not the initial occurrence of challenges faced by the company this year. In February, a service outage resulted in the temporary disruption of cellphone service for a significant number of customers in the United States. The company attributed the network disruption to a software update.