AT&T experienced two major data breaches in 2024, exposing highly sensitive personal information of millions of customers. The first breach (March 2024) leaked critical data such as Social Security numbers, account passcodes, addresses, phone numbers, emails, and birth dates—enabling potential identity theft and financial fraud. The second breach (July 2024) exposed call records, including phone numbers, contacted numbers, call durations, and cell site IDs, raising privacy concerns. The company faced a $177 million legal settlement, with affected customers eligible for compensation up to $7,500 depending on documented losses. AT&T attributed the breach to illegal downloads from a third-party cloud platform, discovered in April 2024 but disclosed to customers in July after an investigation. The incident underscores systemic vulnerabilities in data protection, leading to financial penalties, reputational damage, and regulatory scrutiny. The settlement awaits final court approval in January 2026.
Source: https://unionrayo.com/en/data-breach-customers-settlement-claim/
AT&T cybersecurity rating report: https://www.rankiteo.com/company/att
"id": "ATT3033030111925",
"linkid": "att",
"type": "Breach",
"date": "3/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Millions',
'industry': 'Telecommunications',
'location': 'United States',
'name': 'AT&T',
'size': 'Large (millions of customers)',
'type': 'Telecommunications'}],
'attack_vector': 'Third-party cloud platform compromise',
'customer_advisories': ['Claim deadline extended to December 18, 2024',
'Claims can be submitted online (Kroll website) or by '
'mail',
'Documented proof of losses required (receipts, '
'official documents)',
'Self-written statements not accepted',
'First breach victims eligible for up to $5,000; '
'second breach victims up to $2,500; dual victims up '
'to $7,500'],
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': 'Millions',
'personally_identifiable_information': ['Names',
'Addresses',
'Phone numbers',
'Emails',
'Birth dates',
'Account passcodes',
'Account numbers',
'Social Security '
'numbers'],
'sensitivity_of_data': 'High (SSNs, account passcodes, call '
'metadata)',
'type_of_data_compromised': ['Personal Identifiable '
'Information (PII)',
'Call Detail Records (CDR)']},
'date_detected': '2024-04',
'date_publicly_disclosed': '2024-07',
'description': 'AT&T suffered two major data breaches in 2024, exposing '
'personal and call-related data of millions of customers. The '
'breaches led to a $177 million legal settlement, with '
'affected customers eligible for compensation up to $7,500. '
'The first breach (March 2024) exposed highly sensitive '
'personal data, while the second (July 2024) involved call '
'metadata. AT&T attributed the breaches to illegal downloads '
'from a third-party cloud platform. The settlement awaits '
'final court approval in January 2026.',
'impact': {'brand_reputation_impact': 'Significant (publicized breaches and '
'settlement)',
'customer_complaints': 'High (millions affected)',
'data_compromised': ['Phone numbers',
'Addresses',
'Email addresses',
'Birth dates',
'Account passcodes',
'Account numbers',
'Social Security numbers',
'Call records (phone numbers, contacted '
'numbers, interaction counts, call durations, '
'cell site IDs)'],
'financial_loss': '$177 million (settlement)',
'identity_theft_risk': 'High (SSNs and personal data exposed)',
'legal_liabilities': '$177 million settlement + potential '
'individual claims',
'systems_affected': ['Third-party cloud platform']},
'initial_access_broker': {'entry_point': 'Third-party cloud platform',
'high_value_targets': ['Customer PII',
'Call metadata']},
'investigation_status': 'Completed (settlement pending final court approval '
'on 2026-01-15)',
'lessons_learned': 'Importance of securing third-party cloud platforms, '
'timely customer notification, and proactive legal '
'settlement to avoid prolonged litigation.',
'post_incident_analysis': {'corrective_actions': ['Settlement agreement to '
'compensate affected '
'customers',
'Legal and regulatory '
'compliance review'],
'root_causes': ['Inadequate security controls on '
'third-party cloud platform',
'Delayed detection (breach '
'occurred in March/July 2024, '
'detected in April 2024)']},
'recommendations': ['Enhance third-party vendor security assessments',
'Implement stricter access controls for cloud-stored data',
'Improve incident response timelines for public '
'disclosure',
'Prioritize customer compensation and transparency'],
'references': [{'source': 'Kroll Settlement Administration'},
{'source': 'U.S. District Court for the Northern District of '
'Texas'}],
'regulatory_compliance': {'fines_imposed': '$177 million (settlement)',
'legal_actions': 'Class-action lawsuit settled'},
'response': {'communication_strategy': 'Customer notifications began in July '
'2024',
'incident_response_plan_activated': 'Yes (investigation '
'initiated in April 2024)'},
'stakeholder_advisories': 'Customers notified via direct communication; '
'settlement claims process established (deadline: '
'2024-12-18).',
'title': 'AT&T Data Breaches (March & July 2024)',
'type': ['Data Breach', 'Unauthorized Data Access']}