AT&T Data Leak Tied SSNs, Birth Dates to 49M Users

A threat actor has resurfaced data stolen from a 2021 AT&T breach, this time combining previously separate files to intensify privacy risks for millions. The restructured leak links Social Security numbers and dates of birth to individual phone numbers, potentially exposing sensitive information of up to 49 million users. Originally part of a breach that affected 70 million customers, the repackaged dataset heightens concerns over identity theft and fraud.

The data, now more easily searchable and identifiable, enables malicious actors to directly associate personal identifiers with specific individuals. While the original breach was already significant, this new version of the leak amplifies the potential for exploitation by combining fragmented data into a more coherent and actionable format.

AT&T has not provided a new statement regarding the repackaged leak. The incident underscores ongoing challenges in safeguarding customer data long after an initial breach, as cybercriminals continue to find ways to extract value from old datasets.