Just checked my e-mail and the AT&T notification was there that my password was compromised and they had reset it.
After reading all the news articles and reports about this breach here are some highlights: -The breach involves data from 2019 and earlier, and contains information on 7.6 million current and 65.4 million former customers. -The data includes customer's social security numbers, full names, email and mailing addresses, phone numbers, and dates of birth, as well as AT&T account numbers and passcodes. The social security numbers and passcodes are unencrypted, so the encryption key was either stolen or cracked. -The data breach is not recent but occurred a few years ago. In August 2021, a small sample of the records were posted and a hacking group was asking money for the rest. The whole set of data has now been dumped on the net. That means sensitive information of 73 million At&t's customers has been floating around since 2021. -In 2021 At&t had denied that any of its systems were compromised. They are still denying that any of their systems were or are compromised.... This is absurd, because it means that someone can obtain At&t customer's sensitive data without actually having to break into At&t systems first!
'Nearly all' AT&T customers' data stolen in huge breach CANDACE HATHAWAY July12, 2024 https://www.theblaze.com/news/nearly-all-att-customers-data-stolen-in-huge-breach
Well since these big tech and communication outfits are ever so generous anymore, inform them we can throw in our socks & dirty under garments as well as other laundry too. Why not? They free giveaway your info and timeline habits then call it a breach/hack.
Even if this data was not stolen and was 'safely' retained, this is personal information that these companies and organizations should never be allowed access to, in the first place. This massive data release will have an impact on millions of people in terms of their privacy and security, now and going into the future (for many, their whole lives) and can't be undone by changing passwords. We have vital aspects of our life snatched away, by force, stealth and propagated practices by entities (private or governmental) that have never had our best interest as a primary precept and things need to change. I hope that we will see some accountability and justice in these matters. Our expectations have been manipulated (by the usual methods of 'carrot and stick'), that this level of invasive intrusion, is somehow, normal. I hope that class actions occur in situations like this and there are legislative changes and this is not swept under the carpet, shrugged off or ignored. As part of a governmental, judicial or class action true impact assessments should be made and a stop be put to this now and not some time in the distant future.. Financial compensation is not enough in these cases.
The real question is who gave AT&T permission to store such sensitive data like the cell sites IDs associated with a customer's phone number for over two years? So when a customer is driving for example, and their phone switches from one cell tower to the next, AT&T logs and retains this data for multiple years! Why? Anybody with access to this data can easily tell where the said customer was two years ago, which route they took from home to work, and where else they traveled to! And imagine that people are concerned about ad tracking companies tracking their online browsing habits, when this nonsense is going on!
