X

AT&T Vendor Data Breach Exposed 9 Million Customer Accounts

The data set was several years old, AT&T said.

David Lumb Mobile Reporter
David Lumb is a mobile reporter covering how on-the-go gadgets like phones, tablets and smartwatches change our lives. Over the last decade, he's reviewed phones for TechRadar as well as covered tech, gaming, and culture for Engadget, Popular Mechanics, NBC Asian America, Increment, Fast Company and others. As a true Californian, he lives for coffee, beaches and burritos.
Expertise Smartphones | Smartwatches | Tablets | Telecom industry | Mobile semiconductors | Mobile gaming
David Lumb
AT&T logo on a phone
SOPA Images/Getty Images

AT&T customer data was exposed in January through a third-party vendor that had been hacked, the carrier confirmed, affecting around nine million customer accounts. This included basic personal information but no financial data or Social Security numbers.

The data that AT&T had provided to the marketing vendor which had been exposed was "mostly related to device upgrade eligibility," according to a statement the provider sent to CNET. It included basic personal information like customer names, account numbers, phone numbers and email addresses, as well as the number of lines on the account, devices used and installment agreement information.

The exposed data didn't include Social Security numbers, credit card information, account passwords or "other sensitive information," the AT&T statement said, and the carrier noted that the data set was several years old.

AT&T said that its own systems were not breached and that it was notifying customers who had been affected. 

This is the first time the carrier's customer data has been exposed in years as rival T-Mobile has suffered far greater breaches of its own system. T-Mobile had just wrapped up paying out $350 million to subscribers affected by a 2021 cyberattack when it was hacked again back in January, exposing 37 million customers' data. 

Read more: T-Mobile Gets Hacked Again: Is the Un-Carrier Un-Safe?

A small Verizon breach back in October affected 250 prepaid customers.