AT&T has notified users and launched an investigation into a data leak holding personal information of 73 million current and former customers.

On Saturday, the telecommunications company said that Social Security numbers — among other personal information — were found on the dark web via a leaked dataset, per The Associated Press. AT&T states it has reset current users’ passcodes.

“It is not yet known whether the data … originated from AT&T or one of its vendors,” the company said in a statement. “Currently, AT&T does not have evidence of unauthorized access to its systems resulting in exfiltration of the data set.”

How was the leak found?

According to CNET, the data breach “first came to light in 2021,” when hackers allegedly stole AT&T customer data and listed the information for sale. Three years later, the stolen data was found on the dark web, per Troy Hunt, a cybersecurity researcher, per The Associated Press, and creator of the Have I Been Pwned website.

News of the data leak was then announced by X (formerly Twitter) user vx_underground — a collector of malware source code — who confirmed that “70,000,000+ records from an unspecified division of AT&T were leaked.”

According to The Associated Press, the leaked data is from 2019 or earlier. While call history and financial information does not seem to appear, ”email and mailing addresses, phone numbers and birth dates” have also been found in the data leak.

The leak reportedly affects about 7.6 million current and 65.4 million former account holders, per CNN. AT&T is contacting those affected and “will be offering credit monitoring at our expense where applicable.”

Hackers breach 23andMe, access personal info on nearly 7 million users

February’s AT&T outage

On Feb. 22, AT&T faced several unexpected outages resulting in “tens of thousands of customers across the U.S. unable to make calls, send texts or access the internet,” as previously reported by the Deseret News.

Later that day, the company updated and restored its wireless service, reporting that the outages were due to “the application and execution of an incorrect process” to expand its network. There were no reports of a cyberattack involved.

Because of the outage, AT&T on Feb. 28 announced it will reimburse affected customers with a $5 credit “in the next one or two billing cycles,” reported CNBC. However, the credit “doesn’t apply to AT&T Business Enterprise and Platinum accounts, AT&T prepaid or Cricket” users.

What you can do to protect yourself

The chief security officer of cybersecurity company Tenable, Bob Huber, told Fox Business that “affected customers should change their passwords immediately and set up two-factor authentication where possible.”

Tazin Khan, the founder of Cyber Collective — a “leading data ethics, privacy, and cybersecurity organization” — added that AT&T customers should check their inbox for data breach notices as well as use approved services like Have I Been Pwned to check if their data — such as an email or phone number — has been breached, per Fox Business.

Cybersecurity company MalwareBytes Labs warned to be careful of phone calls, emails or any other forms of messages posing as AT&T — and to err on the side of caution by contacting AT&T directly.

“Scammers often use themes that require urgent attention to hurry you into making a decision, filling in a form or giving away personal data. Take a step back and don’t give away any personal or financial information,” wrote MalwareBytes Labs.

A financial columnist was scammed out of $50,000. Here’s how to prevent it from happening to you
What is ‘cyber kidnapping’ and what can you do to stay safe online?