Overview

• About 86 million customer records—including full names, dates of birth, addresses, phone numbers and roughly 44 million Social Security numbers—were first posted to a Russian cybercrime forum on May 15 and re-uploaded on June 3.
• AT&T says internal and external analysis confirms the files are repackaged from its March-April 2024 Snowflake cloud workspace breaches.
• The telecom operator has notified law enforcement and launched a full investigation into the latest leak.
• Security reviews indicate hackers gained access last year by exploiting accounts lacking multi-factor authentication.
• Affected customers are advised to update login details, enable two-factor authentication, monitor financial and credit reports and consider fraud alerts or a credit freeze; AT&T previously offered one year of complimentary Experian IdentityWorks monitoring.