Major AT&T leak exposed 31M records, hackers claim

Last updated: 26 May 2025
AT&T customer data breach
Image by Cybernews.

Tens of millions of AT&T’s records, including tax IDs, names, and IP addresses, were leaked online, attackers have claimed. However, researchers believe there’s not enough evidence to support the claim.

The supposed AT&T data breach details were posted on a well-known hacker forum. Attackers claim the dataset includes a whopping 31 million sensitive user records, ranging from full names to customer IP addresses.

We’ve reached out to AT&T for a comment and will update this article once we receive a response.

ADVERTISEMENT
AT&T data leak
Attackers' post about the data breach. Image by Cybernews.

The Cybernews research team investigated the data sample that the attackers included. According to the team, the sample includes:

  • Full customer names
  • Genders
  • Dates of birth
  • Tax IDs
  • Device IDs
  • Cookie IDs
  • IP addresses
  • Full addresses
  • Phone numbers
  • Email addresses

However, researchers note that the sample only includes the following details from a single person, making it impossible to verify whether the full database actually contains 31 million records. Assuming that every user has the same number of details exposed, over 3 million AT&T customers may have had their personal details revealed.

“If there are actually 31 million lines of this kind of information, that's quite a serious breach of user privacy. While we can't really confirm the breach without a proper sample file, the attacker was pretty active in May, with tens of posts with all sorts of data,”

researchers said.

“If there are actually 31 million lines of this kind of information, that's quite a serious breach of user privacy. While we can't really confirm the breach without a proper sample file, the attacker was pretty active in May, with tens of posts with all sorts of data,” our researchers said.

If confirmed, the AT&T data breach would pose serious cybersecurity and privacy risks to impacted individuals. There’s enough data for financial fraud, account takeovers, and social engineering attacks. The combinations of data points included in the post enable cybercrooks to impersonate victims, open fraudulent accounts, and even bypass security measures.

AT&T is one of the world’s largest telecommunications companies, with yearly revenue exceeding $122 billion. The company’s vast size puts a massive target on its back, which hackers don’t fail to notice. For example, last April, AT&T said that its customer data was illegally downloaded from a third-party cloud platform, with nearly all customers being affected.

ADVERTISEMENT
Stefanie Ernestas Naprys Niamh Ancell BW Paulina Okunyte
Stay informed and get our latest stories on Google News
Google News Follow us
Share
Post
Share
Share
Share
More from Cybernews
Google may drop its latest devices at the end of this summer
Modern misogyny: AI advises women to seek lower salaries than men
Meta AI leak gave access to AI prompts and answers from other users
TikTok, AliExpress, and WeChat violate EU privacy laws, data protection group claims
Three-person IVF helps prevent inherited diseases, scientists say
China-linked hackers ramp up attacks on Taiwan’s chip industry, researchers report
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked