A massive data breach involving AT&T, with hackers allegedly leaking personal information of 86 million customers. Hackers claimed to have successfully decrypted previously protected Social Security numbers and released the information on cybercrime forums.
The breach, first posted on May 15, 2025, on a well-known Russian cybercrime forum and re-uploaded on June 3, 2025, involved a dataset believed to be from a stolen AT&T database.
After removing duplicates, the dataset contained 86,017,090 unique entries out of a total of 88,320,018 records. The leaked information is extensive, including:
- Full names
- Dates of birth
- Phone numbers
- Email addresses
- Physical addresses
- Social Security numbers (SSNs), with 43,989,219 records containing SSNs.
Breach Summary
| Detail | Information |
|---|---|
| Date of Leak | First posted May 15, 2025, re-uploaded June 3, 2025 |
| Source of Leak | Russian cybercrime forum, later circulated among hackers |
| Claimed Number of Records | 70 million customer records (before deduplication) |
| Actual Unique Records | 86,017,090 unique entries |
| Total Records | 88,320,018 |
| Data Included | Full names, DOB, phone numbers, emails, addresses, 43,989,219 SSNs |
| Encryption Status | SSNs and DOB originally encrypted, now decrypted in plain text |
A critical aspect is that the SSNs and dates of birth, which were originally encrypted, have now been fully decrypted and exposed in plain text. This decryption significantly escalates the risk, as it facilitates identity theft, financial fraud, and social engineering attacks.
This incident is linked to a previous breach in April 2024, where the hacking group ShinyHunters exploited vulnerabilities in Snowflake, a cloud storage platform, affecting 110 million AT&T customers.
However, the current leak is distinct because it includes decrypted SSNs, which were encrypted in the earlier breach. Another related breach occurred in August 2021, claimed by ShinyHunters to affect 70 million AT&T customers, acknowledged by AT&T in April 2024, with data from 2019 or earlier affecting 7.6 million current and 65.4 million former account holders.
Cybersecurity experts warn that the combination of decrypted Social Security numbers with complete personal profiles creates an unprecedented risk for identity theft and financial fraud.
AT&T has not yet issued an official statement confirming or addressing this latest data leak. The company’s silence contrasts with its previous responses to security incidents, where it typically provided public notifications and protective measures for affected customers.
Speed up and enrich threat investigations with Threat Intelligence Lookup! -> 50 trial search requests
Click Here For The Original Source.
