AT&T recently disclosed that a security breach in 2022 compromised the data of nearly all its cellular customers, customers of mobile network operators using AT&T’s network, and landline customers who placed calls to or received calls from any of these users.

The security breach has reignited concerns over data privacy for millions, as AT&T has more than 100 million customers in the United States and nearly 2.5 million business accounts.

According to a filing submitted to the U.S. Securities and Exchange Commission, AT&T disclosed that it became aware in April of the unauthorized downloading of customer data from an AT&T workspace hosted on a third-party cloud platform that occurred two years ago.

The breach, not publicly acknowledged by AT&T until July 2024, included records of calls and texts made between May 1, 2022, and October 31, 2022. AT&T claimed that the compromised data did not contain personal information like Social Security numbers or dates of birth. However, AT&T also acknowledged that customer names could potentially be identified through publicly available tools linked to their breached telephone numbers.

AT&T launched an investigation alongside cybersecurity experts to assess the extent of the security breach. The company said it believes the stolen data has not been made publicly available, according to the filing.

Furthermore, AT&T confirmed that similar records from a smaller number of customers were also compromised or stolen on January 2, 2023.

As reported in April, AT&T is fighting 10 class action lawsuits related to a data breach that occurred in 2019, which affected 7.6 million active account holders and 65.4 million former account holders. That breach resulted in the theft of sensitive data, such as names, phone numbers, Social Security numbers, passcodes, and more.

Investor confidence in AT&T has been negatively impacted. The Dallas Morning News reported that the company’s shares fell by more than 2% after the breach was disclosed to the public on Thursday.

AT&T announced that it will reach out to impacted customers, according to USA Today. Customers can also check their accounts online to verify if they have been affected by the security breach.

Per the same USA Today report, AT&T has advised customers to be wary of requests for personal, account, or credit card information via phone calls or texts. Additionally, if fraud is suspected on an AT&T account, customers are encouraged to report it promptly to the company’s fraud team.

If you suspect your banking information has been compromised, the FTC advises contacting your bank to close your account or to cancel your banking card and request a new one.