Click to Skip Ad
Closing in...

73 million AT&T accounts were hacked – here’s what you should do about it

Published Apr 1st, 2024 6:50AM EDT
iPhone 15 Screen and USB-C port.
Image: Christian de Looper for BGR

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

The Easter weekend brought some bad news for 73 million current and former AT&T customers. The carrier confirmed a massive data breach impacting “7.6 million current AT&T account holders and 65.4 million former account holders.” AT&T reset the password of its existing subscribers, and started notifying all those impacted by the hack. 

This isn’t an April Fool joke. If you’re getting notifications from AT&T, or see news online mentioning the event, it’s because it’s very real. 

Reports some three years ago claimed that over 70 million AT&T accounts were breached, with some of that customer data selling on the dark web. The carrier denied that the customer information came from its servers at the time. 

More recently, data from the more than 70 million accounts made its way online again. It might include AT&T customer names, home addresses, phone numbers, dates of birth, and Social Security numbers. Additionally, each customer’s AT&T account password is part of the hack. These are 4-digit PINs that customers might use to protect their AT&T accounts. 

According to TechCrunch, those PINs are incredibly easy to hack even if they’re encrypted. A security researcher was able to do it, with TechCrunch notifying AT&T. 

The blog withheld disclosing the security issue until AT&T started resetting customer account passcodes. AT&T still has no idea what caused the hack, according to a support document on the matter:

AT&T has determined that AT&T data-specific fields were contained in a data set released on the dark web. While AT&T has made this determination, it is unknown whether the data in those fields originated from AT&T or one of its vendors.

The carrier said the data leak does not contain personal financial information or call history. But considering the amount of information the database holds, hackers could do plenty of harm with what’s available. 

Then again, AT&T says the breach dates back to 2019, if not earlier. Hackers could have used the information for nefarious purposes already.

You should reset your passcode if you’ve received a notice from AT&T. You should also set up fraud alerts, something AT&T recommends: 

We encourage customers to remain vigilant by monitoring account activity and credit reports. You can set up free fraud alerts from nationwide credit bureaus — Equifax, Experian, and TransUnion. You can also request and review your free credit report at any time via

AT&T will reach out via email offering complimentary identity theft and credit monitoring services.

Finally, make sure you check out the FAQ section of AT&T’s support document, which offers all the information AT&T is ready to disclose, as of March 31st. 

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.