The most recent AT&T data breach occurred in March 2023, when AT&T notified 9 million customers that their data had been exposed following an attack on a third-party vendor.
Below is a full timeline of the AT&T data breaches through 2023, starting with the most recent.
March 2023: AT&T Notifies 9 Million Customers Following Attack on Vendor
In March, AT&T notified roughly 9 million customers that their data had been compromised following an attack on a third-party vendor. AT&T described the exposed data as “Customer Proprietary Network Information,” including data on customers’ wireless plans and payment amounts. According to AT&T, sensitive personal or financial information was not exposed in the attack.
August 2022: Stolen Data Discovered on 23 Million AT&T Customers
Hold Security – a cybersecurity firm – came across a trove of stolen data featuring the names, Social Security numbers, dates of birth, and more information on approximately 23 million Americans. After analyzing the information contained within the dataset, Hold Security determined the data likely relates to current or former AT&T customers.
The reason the cybersecurity firm believes the data pertains to AT&T customers is based on email domains, plus addressing, listed states aligning with AT&T internet areas, AT&T corporate addresses appearing in the dataset, and more. A significant amount of the customer information shows birth years of 2000, which suggests the data was acquired in 2018, based on the age requirement for getting an account.
AT&T didn’t confirm or deny where the data was related to customers but did state that it didn’t seem to originate from its systems. Instead, the company said it was potentially connected to a data incident at another company without elaborating further.
August 2021: Hacker Group Lists Data on Over 70 Million AT&T Customers for Sale
In August 2021, news emerged after a hacker group claimed it was selling data on over 70 million AT&T customers. RestorePrivacy found the information and attempted to determine if the sample data listed as part of the sale was authentic, and did find some matches based on public records. However, the group couldn’t confirm whether it was connected to AT&T customers specifically.
AT&T denied that the featured data is related to a new breach. The company claimed it didn’t appear to come from AT&T systems. As a result, the genuine source of the data isn’t known.
July 2020: US Department of Justice Charges AT&T Employees in Massive Phone Unlocking Scheme
Between 2012 and 2017, a number of AT&T employees at a call center in Bothell, Washington, were bribed to install malware and install unauthorized hardware as part of a phone unlock scam. Two Pakistani men – Muhammad Fahd and Ghulam Jiwani – paid more than $1 million in bribes to compromise AT&T’s internal networks and have phones unlocked in exchange for payments.
Initially, the activity focused on phone unlocks, with the scammers paying employees to unlock devices based on a list of IMEIs provided by the scammers. However, the approach later shifted and included requests to install malware that collected data on AT&T’s infrastructure, including keyloggers that recorded data relating to company computers and applications.
A second type of malware deployed through the pair used the data collected from the first piece of malware to take specific actions, including using employee credentials to unlock more phones. It’s estimated the hackers unlocked over 2 million devices.
October 2014: Customer Data Compromised After Employee Fails to Follow Privacy Policies
Reports emerged in October 2014 regarding a data breach that impacted an estimated 1,600 AT&T customers. An employee broke company policy and inappropriately accessed customer information, including Social Security and driver’s license numbers.
The impacted customers were located in Vermont, based on information provided in the reports. The employee responsible was immediately terminated once the issue was discovered, according to statements from AT&T. It isn’t clear whether the data was simply accessed in violation of company policy or if it was used for any particular purpose.
April 2014: Third-Party Vendor Uses Personal Data to Unlock Phones
In June 2014, reports emerged of an AT&T wireless data breach relating to the activities of three third-party vendor employees. The employees at the third-party vendor accessed personal data on customer accounts without authorization, giving them the ability to view details like birth dates, Social Security numbers, and more. Additionally, some limited call data was viewable to the third-party employees, such as destination numbers, times and dates of calls, and durations.
The purpose of the intrusion wasn’t necessarily to take advantage of sensitive data. Instead, the employees were requesting codes to unlock AT&T mobile devices, making them usable on other networks. AT&T believed that the third-party employees were assuming the identities of customers as a means of unlocking various phones.
AT&T didn’t disclose the exact number of customers impacted. However, based on California law disclosure requirements and related filings by AT&T, it’s possible at least 500 customers were affected by the breach.
2014: AT&T Insider Data Breach Exposes Information on 280k Customers
In 2013 and 2014, employees at AT&T call centers operating in Colombia, Mexico, and the Philippines exposed sensitive customer data to third parties. The data included the names and Social Security numbers (either full or partial) of approximately 280,000 AT&T customers.
The data wasn’t specifically collected for identity theft or similar purposes. Instead, the information was improperly accessed and sold to unlock mobile devices, likely to simplify reselling.
In April 2015, the Federal Communications Commission (FCC) fined AT&T $25 million for the breach, a record-setting amount at the time for a privacy-related issue.
June 2010: Security Flaw in AT&T’s Website and Mobile Network Exposes 114k iPad User Email Addresses
In June 2010, a hacker group claimed it had gathered email address information on 114,000 Apple iPad users associated with AT&T service. The hackers stated that they exploited a vulnerability on the company’s website and were able to collect identification numbers – the ICC-IDs – when the associated iPads communicated using the AT&T network. With that information, it’s possible to derive the connected emails.
AT&T acknowledged and claimed responsibility for the breach, though focused on minimizing the incident. The company also eliminated the feature on its website that was exploited.
June 2001: AT&T Wireless Customer Information Appears in Online Chat Rooms
As reported in June 2001, AT&T Wireless customer information began appearing in online chat rooms, indicating a potential breach. Customers noticed unauthorized charges on their credit card bills, and subsequent information connected the customers to the incident based on them previously signing up with AT&T Wireless or Verizon Wireless at some point between December 2000 and April 2001 using the companies’ online process.
During the investigation, chat room log files were discovered that contained sensitive customer information, including Social Security numbers, driver’s license numbers, and more. The exact number of impacted customers wasn’t clear, though some estimated the total to be in the hundreds at least.
3 thoughts on “AT&T Data Breaches: Full Timeline Through 2023”
I have dedicated my time to do these although am not supposed to be doing but the laudable job Henry did for me worth more than what i paid for,l have never dream of getting my husband phone call details and receiving his whatsapp and text messages(not even anytime soon).The day i started receiving all his messages that was the day l promised to come back to where l saw recommendation about him and join the good people to spread and share my experience. Married women pls contact him via email: Henryclarkethicalhacker@gmail.com and you can text, call him on whatsapp him on +12014305865, or +17736092741, and be saved from the bondage subjected by those selfish men.
Hello everyone, Need hacking related services? Be warned, most of these so-called hackers here are impostors, I know how real hackers work, they never advertise themselves in such a credulous manner and they are always discrete. I’ve been ripped off so many times out of desperation trying to find urgent help over my wife sudden attitude for so help me, my friend introduced me to a reliable hacker who work with discretion and delivers, he does all sorts of hacks but he helped me see through fiancé Facebook and also wire his phone calls direct to my phone. I get to see he never loves me but wants to take over all I have and my inheritance. more power to your elbow HENRY, contact through.. Email: Henryclarkethicalhacker@gmail.com, and you can also text, call him, whatsapp on +1(201)4305865, or +1(773)6092741 for best job delivery He will help you out with any hacking related issues cos
His job is 100% untraceable and you will never regret contacting him because he’s honest, truthful and trustworthy….
I’m excited to write about Henry Hacker, he is a great and brilliant hacker who penetrated my spouse’s phone without a physical installation app. And I was able to access my spouse’s phone, SMS, Whatsapp, Instagram, Facebook, Wechat, Snapchat, Call Logs, Kik, Twitter and all social media. The most amazing thing there is that he restores all phone deleted text messages. And I also have access to everything including the phone gallery without touching the phone.I can see the whole secret of my spouse. Contact him for any hacking service. He is also a genius in repairing Credit Score, increasing school grade, Clear Criminal Record etc. His service is fast. Contact:, Henryclarkethicalhacker@gmail.com and you can text, call him on whatsapp him on +12014305865, or +17736092741..