Hackers steal the data of millions of AT&T customers

Ryan Daws is a senior editor at TechForge Media with over a decade of experience in crafting compelling narratives and making complex topics accessible. His articles and interviews with industry leaders have earned him recognition as a key influencer by organisations like Onalytica. Under his leadership, publications have been praised by analyst firms such as Forrester for their excellence and performance. Connect with him on X (@gadget_ry) or Mastodon (@gadgetry@techhub.social)


A vendor hack has resulted in the data of millions of AT&T customers being stolen.

AT&T is sending emails to around nine million customers to alert them of the theft of their data.

The attackers did not breach AT&T directly but compromised the systems of a marketing vendor used by the US telecom giant.

All impacted users had CPNI (Customer Proprietary Network Information) stolen, including phone numbers, full names, and email addresses. A smaller subset also had information such as their specific plans, monthly charges, and the minutes they’ve used exposed.

Numerous customers took to AT&T’s forums to discuss the emails received from the operator.

Many customers enquired as to whether the emails were phishing attempts. AT&T confirmed they were legitimate emails.

However, affected users – especially those that had specific details such as their plans and monthly charges stolen – should now be extra vigilant about phishing attempts.

Customers are usually able to opt-out of allowing their data to be shared with third-parties. While it’s too late for impacted AT&T customers in this incident, it may be worth taking the opportunity to review your current data-sharing agreement with your operator.

Operators continue to be key targets for data thieves.

Earlier this year, AT&T rival T-Mobile suffered a hack that resulted in the data of around 37 million customers being stolen.

“Whether or not sensitive data and financial information were lost isn’t the point. Customer information is a privilege to hold, not a right,” commented Sam Curry, Chief Security Officer at Cybereason, at the time.

T-Mobile’s latest breach came less than two years after one that occurred in August 2021 that exposed sensitive information – including driving license and social security numbers – of tens of millions of its customers.

“Hackers are innovative, and companies with valuable data and services are always a target, but it remains to be seen if the compromises in 2023 are similar to the ones suffered by T-Mobile in 2021,” added Curry.

(Photo by Harpal Singh on Unsplash)

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London.

Explore other upcoming enterprise technology events and webinars powered by TechForge here.

Tags: , , , , , , , , , , ,

View Comments
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *