The largest telecommunications company in the United States, AT&T, has reported the discovery of a dataset for sale on the “dark web.” This dataset contains information for approximately 7.6 million current AT&T account holders and 65.4 million former users, totaling about 73 million affected accounts.

AT&T disclosed that the compromised data includes passcodes (PIN numbers) and Social Security numbers dating back to 2019 or earlier. However, it does not contain any other personal financial information or call history. Nonetheless, it may include e-mail and mailing addresses, phone numbers, and birthdates.

To address the breach, AT&T has notified all customers via e-mail or mail to reset their passcodes. It's crucial for AT&T customers to scrutinize any e-mails requesting password changes and ensure they are legitimate. There's concern that other cybercriminals may exploit the situation by sending fake e-mails with malicious links. If in doubt, customers are advised to contact AT&T support for assistance and request a reset link while on the phone.

The cause of the breach remains undetermined, with speculation whether it originated from AT&T or one of its vendors. AT&T has initiated an investigation and may enlist computer forensics specialists to pinpoint the cause.

In addition to investigating the breach, AT&T will need to remove any malware from its customer account system software without disrupting unaffected customers’ service. The process of investigation, remediation, potential legal action, and associated costs will likely make this a costly issue to resolve.

That’s why we emphasize proactive cybersecurity measures at Trailhead. While no solution guarantees absolute security, most are robust enough to deter the majority of hackers. Dealing with the aftermath of a cyber-attack is far more expensive than preventing one from occurring.

If you're concerned about your organization's safety, don't hesitate to request a FREE Security Assessment from our team of cybersecurity experts. We'll conduct a thorough analysis of your network to identify any potential entry points that hackers could exploit. Additionally, we'll offer guidance on collaborating with third-party vendors to enhance the security of both your and your customers' data.