AT&T says personal data of several million customers was leaked onto the dark web.
“Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and 65.4 million former account holders,” the company wrote on its website Saturday (March 30). “Currently, AT&T does not have evidence of unauthorized access to its systems resulting in theft of the data set.”
The telecom giant said its investigation found that “AT&T data-specific fields” were part of the data set released to the dark web, though it’s not clear whether those fields originated from the company or one of its vendors.
The data includes customers’ Social Security numbers, names, email and mailing addresses, phone numbers, dates of birth, AT&T account numbers and passcodes.
The breach comes a little more than a month after a widespread service outage that impacted AT&T’s network and drew the attention of both the FBI and Department of Homeland Security.
The outage affected customers in several major metro areas, including New York, Houston, Atlanta, Miami, Chicago and Dallas. Reports around the same time said that three other mobile carriers — Verizon, T-Mobile and UScellular — also experienced outages, but these disruptions were more limited than that of AT&T.
Elsewhere in the data security space, PYMNTS discussed the topic recently with Taylor Lowe, CEO and co-founder of AI infrastructure platform Metal, told PYMNTS.
“For the last 10 years, the financial sector alone has invested countless sums into data science and building out their data intelligence departments,” he said.
“Not only is a lot of the infrastructure in place throughout these organizations, but the incentives are there: The years of operating with a data-first mindset have paid off, and firms see how valuable it is,” Lowe added. “Technologies like AI have just added more fuel to that fire and accelerated the insights you can get out of your data.”
But, that report continued, this explosion in data has led to major visibility challenges for security teams, especially considering the gap between threat detection, data discovery and classification.
Research from cybersecurity firm Rubrik found that the vast majority of businesses (98%) are wrestling with data visibility issues because of complex technology stacks, creating vulnerabilities that adversaries can exploit.