Security News > 2023 > March > AT&T alerts 9 million customers of data breach after vendor hack

AT&T is notifying roughly 9 million customers that some of their information was exposed after a marketing vendor was hacked in January.

"The information did not contain credit card information, Social Security Number, account passwords or other sensitive personal information. We are notifying affected customers."

While the data breach notification does not share the number of impacted customers, AT&T told BleepingComputer that "Approximately 9 million wireless accounts had their Customer Proprietary Network Information accessed."

"Our report to law enforcement does not contain specific information about your account, only that the unauthorized access occurred.?". Customers are advised to toggle off CPNI data sharing on their accounts by making a CPNI Restriction Request to reduce exposure risks in the future if AT&T uses it for third-party vendor marketing purposes.

An AT&T spokesperson is yet to reply to an email asking for more info on what specific information was exposed in the incident and what vendor was breached for this data to be exposed.

In August 2021, AT&T denied a data breach after a notorious threat actor put up for sale a database containing what he claimed to be the personal information of 70 million AT&T customers.

News URL

https://www.bleepingcomputer.com/news/security/atandt-alerts-9-million-customers-of-data-breach-after-vendor-hack/