Earlier this week, CNET News.com reported that someone hacked into a database and stole information for about 19,000 customers of AT&T's DSL service. Now, San Francisco Chronicle reporter David Lazarus reports there's more to the story. In a Chronicle story today, Lazarus details how the initial breach led to a subsequent follow-up phishing attempt targeting the same group of 19,000. The hacking victims, whose social security numbers and other personal information were not part of the initital database breach, were sent phishing e-mails ostensibly from the AT&T DSL store with details regarding recent purchases. The customers were told there was a problem processing their orders and were asked (via a phishing site) to submit more information. The phishing attack part of the story was not made public by AT&T, although the company did send out a warning to potential victims earlier this week. The database attack occured at a third-party site that partnered with AT&T to sell its DSL equipment.