Data leak
CNN Business
Primary Source
Incident Details
In March 2024, AT&T confirmed that a dataset containing personal information on approximately 73 million people (7.6 million current and 65.4 million former AT&T customers) had been posted on a dark web forum. AT&T initially denied the breach but reversed its position in March 2024 after a security researcher found encrypted passcodes in the leaked archive and demonstrated those passcodes could be decoded. The data appears to originate from 2019 or earlier. Exposed information included names, addresses, phone numbers, dates of birth, Social Security numbers, and AT&T account passcodes. AT&T reset all affected account passcodes. The origin of the breach (insider, API, or third party) was never publicly confirmed. AT&T agreed to a $177 million class action settlement covering this and the July 2024 Snowflake-linked call metadata breach. Note: This breach is separate from the July 2024 AT&T Snowflake/call records breach, which is separately documented.
Technical Details
- Initial Attack Vector
- CWE-284: Improper Access Control
- Vendor / Product
- AT&T customer account database
Timeline
- 2019-01-01 Breach occurred
- 2024-03-30 Publicly disclosed
- 2024-04-01 Customers notified