In 2021, AT&T said that the information belonging to 71 million customers that a hacker was selling online did not originate from an alleged breach, despite evidence to the contrary. The hacker who claimed to have gotten into AT&T’s systems said “I don’t care if they don’t admit. I’m just selling.”
It has come to our attention that a number of AT&T passcodes have been compromised. We are reaching out to all 7.6M impacted customers and have reset their passcodes. In addition, we will be communicating with current and former account holders with compromised sensitive personal information.
Our internal teams are working with external cybersecurity experts to analyze the situation. To the best of our knowledge, the compromised data appears to be from 2019 or earlier and does not contain personal financial information or call history.
We encourage customers to remain vigilant by monitoring account activity and credit reports.
This is the first time that AT&T has admitted that the data leaked by hackers belongs to its customers, though it isn’t sure whether it originated from its systems or one of its vendors.
A passcode is a four-digit PIN and is not the same as a password. It adds an extra layer of security to customer accounts and is required when receiving customer support or managing accounts at stores.
AT&T has already reset passcodes for those customers who were impacted by the leak. It still recommends that you change yours if you have been using the same passcode for a year.