AT&T Data Breach: What Is AT&T Doing for the 73 Million Accounts Breached?

If you're worried about your data, here's what you can do, including how to reset your AT&T account passcode.

Clifford Colby Managing Editor
Clifford is a managing editor at CNET, where he leads How-To coverage. He spent a handful of years at Peachpit Press, editing books on everything from the first iPhone to Python. He also worked at a handful of now-dead computer magazines, including MacWEEK and MacUser. Unrelated, he roots for the Oakland A's.
Expertise Tech from browser security to password managers and government programs from mail-in voting to federal assistance
Mary-Elisabeth Combs Associate Writer
Mary-Elisabeth is an associate writer on CNET's How-To team. She's a recent graduate of UNC-Chapel Hill's English Department, and resides in Charlotte, North Carolina. On the How-To team, she covers a little bit of everything. When she's not writing, she's catching up on Formula 1 or reading.
Clifford Colby
Mary-Elisabeth Combs
6 min read
AT&T phone

AT&T said it has reset the passcodes for 7.6 million current customers, in response.

James Martin/CNET

Were you one of the 73 million current and former customers who had their personal information stolen in the AT&T breach? If so you should have heard from AT&T, letting you know you can sign up for one free year of credit monitoring and identity theft detection through Experian's IdentityWorks. In the wake of the breach, plaintiffs are starting to file class action lawsuits against AT&T.

The AT&T account breach appears to be from 2019 or earlier, the company said in a statement, and includes Social Security numbers and account information for approximately 65.4 million former customers and 7.6 million current account holders.

The data leak first came to light in 2021, when hackers claimed they'd stolen customer data from AT&T and would put the information up for sale. Fast-forward to March 2024, the stolen personal information was discovered on the dark web, according to Troy Hunt, creator of Have I Been Pwned

In response, AT&T said it has contacted the 7.6 million current customers and has reset their passcodes. Whether you're in the smaller set of current customers or the larger group of former account holders who think their data has been stolen in the breach, you can take steps to potentially lessen the damage of the breach. Read on for what you can do. AT&T didn't immediately respond to CNET's request for comment. 

For more, here are our picks for the best identity theft protection and monitoring services and how Consumer Report's permission slip can help you take control of your online data

What to know about the AT&T data leak

AT&T on March 30 said that the personal information of 73 million current and former customers was leaked in mid-March to the dark web. The company said the stolen information appears to be from 2019 or earlier, and it does not know if the information came from AT&T or one of its vendors. 

What personal information was stolen in the AT&T breach?

According to AT&T, which customer and account data was stolen may vary by account, but thieves had access to customers' full name, email address, mailing address, phone number, Social Security number, date of birth, AT&T account number and passcode. AT&T said the information doesn't appear to contain personal financial information or call history. 

What is AT&T doing for the 73 million customers whose data was stolen?

In addition to resetting passcodes, AT&T said it is providing the 73 million current and former customers whose accounts were breached identity-theft and credit-monitoring services through Experian's IdentityWorks for one year for free.

AT&T said customers need to sign up for identity theft protection service by Aug. 30, 2024.

What is an AT&T passcode?

A customer's passcode is essentially a numerical PIN and is usually four digits. A passcode is different from a password and is required to complete an AT&T installation, perform personal account functions by phone or contact technical support by phone, AT&T said.

How to reset your AT&T passcode

AT&T said it has already reset the passcodes for those active accounts where data was stolen but recommends if you haven't changed your passcode in the past year, you should change yours as a precaution. Here's how to change your AT&T passcode.

  1. Head to your myAT&T Profile. Sign in, if asked. (If you have extra security enabled and can't sign in, AT&T says to choose Get a new passcode)
  2. Scroll to My linked accounts
  3. Select Edit for the passcode you want to update
  4. Follow the prompts to finish up

Where can you check if you are part of the AT&T breach

AT&T said it will email or mail a letter to the 7.6 million current customers whose data was stolen, explaining the incident, what information was compromised and what it is doing in response. The company said it has reset passcodes for affected current customers. The company said it is also communicating with the 65.4 million former account holders whose data was stolen.

You don't have to wait for AT&T to contact you. Using Have I Been Pwned, you can check whether your data has been leaked. If you store your password information in a Google account, the company's Password Checkup tool can alert you if your account information has been exposed. The premium version of our favorite password manager, Bitwarden, can check for stolen passwords on the web. 

Changing your passcode and password, if AT&T hasn't contacted you, can help secure your account.

How to monitor your credit report for fraud

If you think your personal information was part of the AT&T breach, you can watch your credit reports for signs of potential fraud. 

Monitor your credit reports. You get one free credit report a year from the three major credit bureaus: Equifax, Experian and TransUnion. On your report, look for unusual or unfamiliar activity, such as the appearance of new accounts you didn't open. Watch your credit card accounts and bank statements for unexpected charges and payments.

Sign up for a credit monitoring service. Pick a credit monitoring service that constantly monitors your credit report on major credit bureaus and alerts you when it detects unusual activity. To help with the monitoring, you can set fraud alerts that notify you if someone is trying to use your identity to create credit. An identity-theft-protection service like LifeLock can start at $7.50 a month -- or you could use a free credit-monitoring service like the one from Credit Karma

What to do if you suspect you're a victim of fraud or identity theft

As soon as you suspect your personal information has been stolen, take action to stop unauthorized charges and start to recover your identity.

Place a fraud alert. If you suspect fraud, place a fraud alert with each of the credit reporting companies: Equifax, Experian and TransUnion. The alert notifies creditors that you have been a victim of fraud and lets them know to verify new credit requests in your name. You can place an initial fraud alert, which stays on your credit report for 90 days, or an extended fraud alert, which stays on your credit report for seven years. Placing a fraud alert won't affect your credit score. 

Contact fraud departments. For each business and credit card company where you think an account was opened or charged without your knowledge, contact its fraud department. While you're not responsible for fraudulent charges to an account, you need to report the suspicious activity promptly.

Freeze your credit. If you want to stop anyone from opening credit and requesting loans and services in your name without your permission, you can freeze your credit. You will need to request a freeze with each of the three credit reporting companies, which again are Equifax, Experian and TransUnion. To apply for new credit, you need to unfreeze your credit through each of the credit reporting companies. You can either request a temporary lift of the freeze or unfreeze it permanently.

Create a recovery plan. The Federal Trade Commission has a valuable tool that helps you report identity theft and recover your identity through a personal recovery plan and Identity Theft Report, which you can use to dispute charges.

Document everything. Keep copies of all documents and expenses and records of your conversations about the theft.

For more, here are our favorite password managers and the best VPN services