Saturday, 18 October 2025
32.3 C
Singapore
34.8 C
Thailand
31.1 C
Indonesia
29.7 C
Philippines

AT&T resets millions of passcodes following a massive customer data leak

AT&T has reset millions of customer passcodes after a massive data leak, affecting current and former users' sensitive information.

In an unprecedented move, AT&T has initiated a mass reset of customer account passcodes after a significant data breach saw millions of its users’ records leaked online. This step was taken swiftly after TechCrunch reported the incident to AT&T, uncovering that the leaked cache contained encrypted passcodes, potentially threatening customer account security. This article delves into the details of the breach, its implications, and the measures AT&T has undertaken to secure its customers’ data.

A breach of significant scale

Earlier this month, a considerable volume of AT&T customer records was dumped on the internet, sparking immediate concern. The breach, which came to light after TechCrunch’s report, contained encrypted passcodes that, if decrypted, could allow unauthorized access to customer accounts. A security expert who closely analyzed the leaked data-informed TechCrunch that the encrypted passcodes could be easily deciphered, prompting immediate action from AT&T.

In response, AT&T stated on Saturday that it had launched an extensive investigation with the help of cybersecurity specialists, both from within and outside the company. Preliminary findings suggest that the data dates back to 2019 or earlier, affecting around 7.6 million current and approximately 65.4 million former AT&T customers. Despite the breach, AT&T reassures that there’s no evidence to suggest any unauthorized system access that could have led to the data leak.

This incident marks AT&T’s first acknowledgement of a data breach affecting its customers, three years after a hacker claimed to have stolen the records of 73 million AT&T users. Although AT&T had previously denied any system breach, the source of the leak remains unidentified. The telecom giant has stated that it’s unclear whether the data originated from AT&T or one of its vendors.

The implications of the leak

The leaked data includes sensitive information such as customer names, home addresses, phone numbers, dates of birth, and Social Security numbers. Security researcher Sam “Chick3nman” Croley disclosed that the dataset included encrypted account passcodes, which he analyzed without breaking the encryption cypher.

Croley’s investigation revealed about 10,000 unique encrypted values, corresponding to the range of possible four-digit passcodes, with a few exceptions for accounts with longer passcodes. This discovery indicated a lack of randomness in the encrypted data, making it possible to guess a customer’s passcode based on other information within the dataset.

What AT&T is doing

In light of these findings, AT&T has proactively reset the account passcodes of the 7.6 million affected current customers and has committed to reaching out to current and former customers whose personal information was compromised. Customers are also encouraged to take additional steps to secure their accounts, as detailed in AT&T’s security advice post.

This breach serves as a stark reminder of the importance of digital security and the potential vulnerabilities that come with it. For customers, it underscores the need for vigilance and the adoption of robust security measures to protect their personal and financial information.

Hot this week

ASUS launches Ascent GX10 personal AI supercomputer

ASUS launches the Ascent GX10 personal AI supercomputer, delivering petaflop-scale performance in a compact desktop form.

NetApp launches new enterprise-grade AI data platform with NVIDIA integration

NetApp launches AFX and AI Data Engine with NVIDIA integration to simplify AI data pipelines and power enterprise AI innovation.

Semperis unveils cyberwar documentary spotlighting global defenders and reformed hackers

Semperis unveils Midnight in the War Room, a documentary revealing the human stories behind the global fight against cyber threats.

ASUS wins 15 accolades at Good Design Awards 2025

ASUS secures 15 wins at the Good Design Awards 2025, leading Taiwan and the ICT category with innovative, user-focused products.

Singaporean invention transforming diabetes care shortlisted for global James Dyson Award

Singaporean inventor Zoey Chan’s insulin needle organiser ‘nido’ shortlisted for the global James Dyson Award.

Nintendo accelerates Switch 2 production as demand remains strong

Nintendo ramps up Switch 2 production to meet soaring demand, aiming to sell up to 25 million units by March 2026.

Microsoft warns of rising AI-driven cyber threats in 2025 defence report

Microsoft’s 2025 Digital Defense Report warns of rising AI-driven cyber threats, a growing cybercrime economy, and evolving nation-state tactics.

HPE and Ericsson launch joint validation lab for next-generation 5G core networks

HPE and Ericsson launch a joint validation lab to develop and test cloud-native dual-mode 5G core solutions for seamless multi-vendor deployments.

Microsoft brings AI to every Windows 11 PC with new Copilot features

Microsoft’s latest Windows 11 update brings Copilot AI to every PC, adding natural voice interaction, automation, and enhanced security.

Related Articles