Hackers Allegedly Leak 31 Million AT&T Customer Records

Massive Exposure of Personal Information

Cybersecurity researchers who analyzed the leak say the sample data contains highly sensitive personal details of AT&T customers. The records reportedly include full names, genders, birth dates, tax identification numbers, device IDs, cookie IDs, IP addresses, physical addresses, phone numbers, and email addresses.

If verified, this data leak would represent a serious privacy risk due to the wide range of personally identifiable information (PII) exposed.

The dataset was posted on a well-known hacker forum, and cybersecurity platform DarkEye detected and reported the incident. The data is organized in structured formats, which makes it easier for threat actors to exploit.

Recurring Security Concerns at AT&T

This potential breach adds to a series of cybersecurity issues for AT&T. In March 2024, the company confirmed that data from 73 million current and former customers had been leaked on the dark web. That leak included Social Security numbers and other sensitive data.

In July 2024, AT&T disclosed another breach affecting call and text records from nearly 110 million customers. That incident involved metadata such as contacted phone numbers, call durations, and cell tower location data. It was traced back to compromised Snowflake cloud storage accounts.

The latest alleged leak could further damage customer trust, especially if the claim of 31 million exposed records proves to be authentic.

Potential Risks to Affected Users

The combination of leaked tax IDs, device identifiers, and personal information could enable a range of threats. These include identity theft, financial fraud, and targeted phishing or social engineering attacks.

As of now, AT&T has not issued a public response to the latest allegations. Cybersecurity experts continue to examine the evidence while the company’s investigation status remains unknown.