Excerpt from Bank info Security Article, Published on Jun 5, 2025.
AT&T is once again under fire after hackers reportedly leaked 86 million customer records, including decrypted Social Security numbers and highly sensitive personal data. Cybersecurity researchers confirmed the leak on Wednesday, raising serious concerns about the privacy and safety of millions of AT&T users. According to Hackread, the breach includes nearly 44 million Social Security numbers, along with full names, addresses, and dates of birth. The data, originally stolen by the hacking group ShinyHunters, was recently re-uploaded to a well-known Russian cybercrime forum, igniting new fears of fraud and identity theft targeting AT&T customers.
AT&T acknowledged the situation in a statement, saying it is “not uncommon for cybercriminals to re-package previously disclosed data for financial gain.” The company stated it is conducting a full investigation into claims that AT&T data is being sold on dark web forums. However, experts say the structured nature of the new data dump organized into three clear CSV files makes it easier than ever for malicious actors to exploit. Trey Ford, CISO of Bugcrowd, urged a reevaluation of identity systems based on static identifiers like Social Security numbers. He argued that this breach demonstrates the urgent need for more secure, federated identity controls. “We should treat the SSN like public information and adopt a modern system for identity authentication,” Ford said.
The ongoing exposure has once again placed AT&T in the cybersecurity spotlight. Experts like Thomas Richards from Black Duck warned that with birth dates and SSNs compromised, attackers can easily impersonate AT&T customers. While AT&T investigates, customers are left wondering how their personal data ended up in the hands of cybercriminals — again. This latest breach underscores the growing need for stronger data protection policies, especially for tech giants like AT&T that handle massive volumes of personal data.
To delve deeper into this topic, please read the full article Bank info Security.
