AT&T resets account passcodes after millions of leaks online

AT&T, the telecommunications giant, has taken urgent action to reset millions of customer account passcodes following a significant data breach where a cache of data consisting of AT&T customer records surfaced online earlier this month, according to TechCrunch, an American global online newspaper.

According to AT&T, data on passcodes, social security numbers, and addresses was made public on the dark web. Although AT&T stated it had not found any evidence to indicate that the data had been taken, it had still hired cybersecurity specialists to look into the matter. According to BBC, online data breaches have exposed the personal information of 73 million AT&T customers, both past and present.

AT&T customer account passcodes, usually four-digit numbers, serve as an additional security layer for accessing customer accounts, whether through customer service calls, in-store visits, or online interactions.

AT&T has confirmed that it would notify all 7.6 million existing customers whose passcodes were reset, along with current and former customers affected by the compromised personal information. This is the first time that AT&T has officially acknowledged the leaked data belongs to its customers, coming three years after a hacker claimed the theft of 73 million AT&T customer records. Despite AT&T previously denying a system breach, the source of the leak remains undetermined.

In 2021, the hacker who claimed responsibility for the AT&T breach shared only a small sample of records, hindering verification of the data's authenticity. However, earlier this March, a data seller published the full 73 million AT&T records on a well-known cybercrime forum, allowing for a more comprehensive analysis.

As one of the biggest suppliers of mobile and internet services, AT&T's wireless 5G network serves nearly 295 million people.