AT&T faced two major data breaches in 2024 (March and July), exposing **millions of customers' personal information**, including **Social Security numbers, birthdates, and phone records**. The March incident involved leaked AT&T-specific fields on the dark web, while the July breach saw cybercriminals illegally download limited customer data. The breaches left customers vulnerable to **identity theft and fraud**, leading to a **$177 million settlement**—one of the largest in the telecom sector. The settlement covers **current and former customers**, offering compensation (up to **$7,500 per person**), free credit monitoring, and identity theft protection. AT&T denied wrongdoing but agreed to the settlement to avoid litigation, while committing to **enhanced security measures** like improved encryption and monitoring. The case highlights systemic vulnerabilities in telecom security, with regulatory bodies like the **FCC and FTC** likely to impose stricter breach notification rules and penalties.
Source: https://www.webpronews.com/atts-177m-data-breach-payout-deadline-looms-for-customer-claims/
AT&T cybersecurity rating report: https://www.rankiteo.com/company/att
"id": "ATT0893608111425",
"linkid": "att",
"type": "Breach",
"date": "6/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Nearly all of AT&T’s customer '
'base at the time (millions)',
'industry': 'Telecommunications',
'location': 'United States',
'name': 'AT&T Inc.',
'size': 'Large (millions of customers affected)',
'type': 'Telecommunications Company'}],
'customer_advisories': ['Check eligibility for settlement claims via the '
'official portal or by mail.',
'No proof of AT&T service required for basic '
'eligibility.',
'Opt-out option available for those wishing to pursue '
'independent legal action.',
'Public urged to remain vigilant against phishing '
'scams and identity theft attempts.'],
'data_breach': {'data_encryption': 'Likely inadequate (as part of outdated '
'security protocols)',
'data_exfiltration': 'Yes (data leaked on dark web in March; '
'illegally downloaded in July)',
'number_of_records_exposed': 'Millions (nearly all of AT&T’s '
'customer base)',
'personally_identifiable_information': 'Yes (SSNs, '
'birthdates, phone '
'records, etc.)',
'sensitivity_of_data': 'High (includes SSNs and other PII)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Social Security numbers',
'Birthdates',
'Phone records',
'Phone numbers']},
'date_publicly_disclosed': ['March 2024', 'July 2024'],
'description': 'AT&T Inc. agreed to pay $177 million to resolve claims from '
'two major data breaches in 2024 that compromised the personal '
'information of millions of customers. The breaches, announced '
'in March and July 2024, exposed sensitive data including '
'Social Security numbers, birthdates, and phone records. The '
"settlement covers individuals affected by either the 'AT&T 1 "
"Data Incident' or the 'AT&T 2 Data Incident,' with claims "
'reaching up to $7,500 per person. The deal includes '
'provisions for free credit monitoring and identity theft '
'protection, alongside commitments to enhance data security '
'measures such as improved encryption and monitoring.',
'impact': {'brand_reputation_impact': 'Significant; public scrutiny and loss '
'of trust',
'data_compromised': ['Social Security numbers',
'Birthdates',
'Phone records',
'AT&T-specific fields (March breach)',
'Phone numbers (July breach)'],
'financial_loss': '$177 million (settlement amount)',
'identity_theft_risk': 'High; exposed data includes sensitive PII '
'vulnerable to identity theft and fraud',
'legal_liabilities': 'Multidistrict litigation consolidated under '
'Judge Ada E. Brown; one of the largest '
'telecom-related settlements in recent years'},
'initial_access_broker': {'data_sold_on_dark_web': 'Yes (March breach '
'involved AT&T-specific '
'fields leaked on the dark '
'web)'},
'investigation_status': 'Resolved (settlement approved by federal judge in '
'Texas)',
'lessons_learned': ['Legacy systems in telecommunications are highly '
'vulnerable to sophisticated cyber threats.',
'Proactive investments in zero-trust architectures and '
'AI-driven threat detection are critical.',
'Settlements, while costly, may not fully deter '
'negligence if penalties are proportionally small '
'compared to corporate revenues.',
'Public awareness campaigns are essential to ensure '
'affected individuals file claims.'],
'post_incident_analysis': {'corrective_actions': ['Settlement agreement '
'includes commitments to '
'improve encryption and '
'monitoring.',
'Enhanced data security '
'measures implemented '
'post-breach.',
'Public awareness campaigns '
'to inform affected '
'customers.'],
'root_causes': ['Outdated security protocols',
'Inadequate encryption and '
'monitoring',
'Vulnerability to sophisticated '
'hacking attempts']},
'recommendations': ['Telecom firms should prioritize upgrading security '
'protocols to prevent similar breaches.',
'Implement stricter breach notification timelines and '
'regulatory compliance measures.',
'Invest in AI-driven threat detection and zero-trust '
'architectures.',
'Enhance customer communication and support during and '
'after breaches.',
'Monitor dark web activity for leaked corporate data '
'proactively.'],
'references': [{'source': 'United States District Court for the Northern '
'District of Texas'},
{'source': 'Kroll Settlement Administration (Official '
'Settlement Website)'},
{'source': 'The Economic Times'},
{'source': 'Top Class Actions'},
{'source': 'NBC DFW'},
{'source': 'CBS News'},
{'source': 'KTVU FOX 2'},
{'source': 'AfroTech'},
{'source': 'Business Insider'},
{'source': 'AP News'},
{'source': 'Altitudes Magazine'},
{'source': 'Yahoo News'},
{'source': 'WORLDSTARHIPHOP (X/Twitter)'},
{'source': 'CT Insider'},
{'source': 'MSN'}],
'regulatory_compliance': {'fines_imposed': '$177 million (settlement amount, '
'not a fine)',
'legal_actions': 'Class-action lawsuit; '
'multidistrict litigation'},
'response': {'communication_strategy': ['Official settlement website (managed '
'by Kroll)',
'Public awareness campaigns',
'Social media outreach (e.g., '
'X/Twitter)'],
'enhanced_monitoring': 'Yes (as part of post-breach security '
'overhauls)',
'incident_response_plan_activated': 'Yes (as part of settlement '
'terms)',
'recovery_measures': ['$177 million settlement fund',
'Free credit monitoring and identity theft '
'protection (up to 3 years)',
'Reimbursement for documented losses (up '
'to $7,500 per person)'],
'remediation_measures': ['Improved encryption',
'Enhanced monitoring'],
'third_party_assistance': 'Kroll Settlement Administration '
'(managing settlement claims)'},
'stakeholder_advisories': ['Customers advised to file claims by December 18, '
'2025 (extended deadline).',
'Free credit monitoring and identity theft '
'protection offered for up to 3 years.',
'Documentation required for reimbursement of '
'losses exceeding basic claim amounts.'],
'title': 'AT&T Data Breaches Settlement (2024)',
'type': ['Data Breach', 'Class-Action Settlement'],
'vulnerability_exploited': ['Outdated security protocols',
'Sophisticated hacking attempts']}