- AT&T reset passcodes after a massive customer data leak surfaced on the dark web.
- The leak impacted 7.6 million current and 65 million former account holders, the company said.
- The data included names, email addresses, Social Security numbers, and other personal information.
AT&T is reaching out to millions of customers after their personal information — including Social Security numbers — surfaced on the dark web.
AT&T reset passwords on millions of customer accounts after Techcrunch notified the company on Monday that a massive customer data leak posted to the dark web included passcodes, the outlet reported.
The massive data dump, which surfaced this month, appears to be user information from 2019, the company said in a statement. AT&T said it conducted a "robust investigation supported by internal and external cybersecurity experts" after learning of the breach and found no evidence of "unauthorized access" that could have resulted in the leak.
"Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and approximately 65.4 million former account holders," AT&T said.
The leak contains encrypted passcodes for millions of user accounts, which can be easily deciphered, according to Techcrunch. AT&T says Social Security numbers were also included in the leak. The company is contacting impacted customers and offering to cover credit monitoring "where applicable," it said.
In a safety notice on its customer support page, AT&T says that the leaked data varies by account but may include full name, email address, mailing address, phone number, Social Security number, date of birth, AT&T account number, and passcode.
AT&T recommended that affected customers reset their password and set up free fraud alerts with the nation's three credit bureaus Equifax, Experian, and TransUnion.
News of this data leak follows a nationwide cellular service outage for millions of AT&T customers that lasted nearly 12 hours in February. AT&T said that a cyberattack did not cause the outage but rather a software update that went haywire.
The FBI and Department of Homeland Security are investigating the source of the outage, White House spokesperson John Kirby said in February. The company issued a $5 credit for customers who lost service during the outage.