AT&T is notifying tens of millions of present or former clients that their account information has been compromised and revealed final month on the darkish net. Simply what number of tens of millions, the corporate is not saying.

In a compulsory submitting with the Maine Legal professional Common’s workplace, the telecommunications firm stated 51.2 million account holders had been affected. On its company web site, AT&T put the quantity at 73 million. In both occasion, compromised information included one or extra of the next: full names, electronic mail addresses, mailing addresses, cellphone numbers, social safety numbers, dates of start, AT&T account numbers, and AT&T passcodes. Private monetary info and name historical past didn’t seem like included, AT&T stated, and information gave the impression to be from June 2019 or earlier.

The disclosure on the AT&T web site stated the 73 million affected clients comprised 7.6 million present clients and 65.4 million former clients. The notification stated AT&T has reset the account PINs of all present clients and is notifying present and former clients by mail. AT&T representatives haven’t defined why the letter filed with the Maine AG lists 51.2 million affected and the disclosure on its web site lists 73 million.

In response to a March 30 article revealed by TechCrunch, a safety researcher stated the passcodes had been saved in an encrypted format that would simply be decrypted. Bleeping Pc reported in 2021 that greater than 70 million data containing AT&T buyer information was put up on the market that 12 months for $1 million. AT&T, on the time, informed the information web site that the amassed information didn’t belong to its clients and that the corporate’s methods had not been breached.

Final month, after the identical information reappeared on-line, Bleeping Pc and TechCrunch confirmed that the info belonged to AT&T clients, and the corporate lastly acknowledged the connection. AT&T has but to say how the data was breached or why it took greater than two years from the unique date of publication to verify that it belonged to its clients.

Given the size of time the info has been accessible, the harm that’s more likely to end result from the latest publication is more likely to be minimal. That stated, anybody who’s or was an AT&T buyer ought to be looking out for scams that try and capitalize on the leaked information. AT&T is providing one 12 months of free id theft safety.