Here's Why AT&T Reset Millions Of User Passcodes
AT&T confirmed a data breach affecting more than 70 million people. Of those, 7.6 million are current customers. For millions, the company needed to reset passcodes, according to information obtained by TechCrunch.
"To the best of our knowledge, the compromised data appears to be from 2019 or earlier and does not contain personal financial information or call history," the company said in an official notice. AT&T says it will reach out via email or mail to all the affected customers who had sensitive information stolen and put up for sale on the dark web and has already reset their passwords as a precaution, which means they won't have to take any action on their end.
The carrier is also promising "complimentary identity theft and credit monitoring services" to the affected customers. Notably, AT&T promises that the cache of stolen data did not contain details such as call logs or sensitive financial details. However, the information stolen, which varies on a per-user basis, was still enough to execute scams.
How to enable safeguards
AT&T says the stolen customer information may have consisted of details such as mailing address, date of birth, social security number, email address, phone number, full name, and AT&T account credentials. The scale is vast, as the leaked data covered over eight times more former customers compared to the existing base of affected users. "Based on our preliminary analysis, the data set appears to be from 2019 or earlier, impacting approximately 7.6 million current AT&T account holders and 65.4 million former account holders," according to the information TechCrunch reported.
The carrier suggests users can enable fraud alerts for their accounts offered by credit bureaus such Equifax, Experian, and TransUnion. In the wake of the incident and the password reset maneuver, AT&T is advising users to update their account's passcodes, the four-digit numerical pins that exist as a layer of protection on top of their alphanumeric passwords. This can be done by following these steps:
- Log in to your AT&T user profile.
- Click on My linked accounts.
- Tap on the Edit option for passcode. Follow the on-screen prompts and remember to use a fresh combination and not something you've used before.
Additional details about passcode security and recovery can be found on this AT&T support page. AT&T also supports biometric protection for account data, and it can be set up from within the MyAT&T mobile apps by following this path: Manage app settings > Turn on Touch ID / Fingerprint Access.