cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

AT&T finally admits ‘AT&T data-specific fields’ are part of leak affecting more than 70m customers

The US telco giant is still unaware of the source of the data leak but does say the data affects both current and past customers.

user icon David Hollingworth
Tue, 02 Apr 2024
AT&T finally admits “AT&T data-specific fields” are part of leak affecting more than 70m customers
expand image

US telecommunications multinational AT&T has said that a data leak with the details of 73 million people does, in fact, include “AT&T data-specific fields”.

The data has been in circulation for years, first offered up for sale in 2021 for up to US$1 million, but more recently posted in multiple formats on a hacking forum for just a few dollars.

AT&T said in 2021 that the data was not “from our systems”, but following its most recent appearance, AT&T has changed its tune – to a degree.


“AT&T has determined that AT&T data-specific fields were contained in a data set released on the dark web approximately two weeks ago,” AT&T said in a statement on its website.

“While AT&T has made this determination, it is not yet known whether the data in those fields originated from AT&T or one of its vendors. With respect to the balance of the data set, which includes personal information such as social security numbers, the source of the data is still being assessed.”

It should be noted that while AT&T says the data had been released on the dark web, the datasets in question were actually posted to a clear web site that any web browser can access.

According to AT&T’s investigations, the data dates back to 2019 and includes both past and present customers – the dataset features approximately 7.6 million current account holders and about 65.4 million previous customers.

“Currently, AT&T does not have evidence of unauthorised access to its systems resulting in exfiltration of the data set,” AT&T said. “The company is communicating proactively with those impacted and will be offering credit monitoring at our expense where applicable.”

AT&T also pointed out that the potential leak has not had a “material impact” on its daily operation.

Security researcher Troy Hunt spoke to a number of people whose details are included in the leak, and all confirmed they were AT&T customers.

“That is my info,” said the first person to respond to Hunt’s investigation. “I am an AT&T customer.”

Hunt said when the data began to circulate last month: “The old adage of ‘absence of evidence is not evidence of absence’ comes to mind (just because they can’t find evidence of it doesn’t mean it didn’t happen), but as I said earlier on, I (and others) have so far been unable to prove otherwise.”

AT&T has said its investigation is ongoing and that it has engaged third-party specialists.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.