Overview
On June 6, 2025, researchers discovered a massive AT&T customer data leak circulating on cybercrime forums. Over 86 million unique records are involved, with personal details like names, birthdates, phone numbers, emails, and physical addresses—all in plaintext, including 44 million Social Security numbers .
What Happened & How It Emerged
The leak appeared on May 15, then resurfaced June 3—possibly tied to the April 2024 “Snowflake” breach of AT&T systems . Despite AT&T’s claim that much of the data had been previously reported, the recent decrypt and republishing signal an elevated risk to affected individuals. The organized format and retention of SSNs heighten the threat of fraud and identity theft .
Why It Matters
- Widespread impact: 86 million records (~85% of AT&T’s US customer base).
- Identity exposure: 44 million SSNs—one of the most sensitive forms of PII.
- Reuse risk: Shared credentials across platforms may magnify vulnerability.
AT&T’s Response
AT&T has:
- Confirmed investigating the leak.
- Offered credit monitoring to potentially affected customers.
- Reported the incident to law enforcement .
What You Should Do
- Check exposure: Use identity-checking websites recommended by AT&T.
- Monitor credit: Look for unusual inquiries or new accounts.
- Freeze or lock credit: Adds a barrier to unauthorized lines of credit.
- Enable MFA: On all accounts, especially financial, email, and social.
External References
- TechRadar analysis: AT&T leak includes decrypted SSNs—90M records
- Times of India: Coverage of AT&T’s customer data leak