Yes. The AT&T breach occurred on April 12, 2024, affecting 73 million records.

What data was exposed in the AT&T breach?

In 2024, AT&T suffered a massive breach exposing call and text records of nearly all customers. Learn what data was exposed and how to protect yourself.

What should I do if I was affected by the AT&T data breach?

Check if your data was exposed using our free tool, change your passwords, enable two-factor authentication, and monitor your accounts for suspicious activity.

AT&T Data Breach

Critical Severity 73 million records affected Published February 10, 2026

Company	AT&T
Breach Date	April 12, 2024
Disclosure Date	July 12, 2024
Records Affected	73 million

In 2024, AT&T disclosed two separate data breaches. The first, revealed in March, involved personal data of 73 million current and former customers found on the dark web. The second, disclosed in July, exposed call and text metadata for nearly all AT&T wireless customers over a six-month period in 2022.

What Happened

AT&T confirmed in March 2024 that a dataset containing personal information of approximately 73 million customers had been published on the dark web. The data appeared to originate from 2019 or earlier. Then in July 2024, AT&T disclosed that hackers had accessed call and text records for nearly all wireless customers by exploiting a third-party cloud platform (Snowflake). The stolen metadata covered a period from May to October 2022 and included phone numbers called or texted, call durations, and cell site identification numbers.

What Data Was Exposed

Full names
Email addresses
Mailing addresses
Phone numbers
Social Security numbers
Dates of birth
AT&T account numbers
AT&T passcodes
Call and text metadata (numbers, durations, cell site IDs)

Who Is Affected

The breach affected approximately 73 million current and former AT&T customers for the first incident and nearly all AT&T wireless customers (approximately 110 million) for the call records breach. If you were an AT&T wireless customer between May and October 2022, your call and text metadata was likely exposed.

How to Check If You Were Affected

AT&T notified affected customers directly via email or mail. You can also check if your email was involved by visiting HaveIBeenPwned.com. Log into your AT&T account at att.com to check for any security alerts or notifications. If you were an AT&T wireless customer during May-October 2022, assume your call metadata was affected.

What You Should Do Now

Reset your AT&T account passcode immediately
Place a credit freeze with all three credit bureaus (Equifax, Experian, TransUnion)
Monitor your credit reports for unauthorized accounts
Enable multi-factor authentication on your AT&T account
Be vigilant for phishing attempts using your exposed personal details
Consider identity theft protection services
File an identity theft report with the FTC if you notice suspicious activity

Last updated: February 10, 2026