Staying Fit
In this story
Investigation continues • AT&T’s actions • What to do • Other companies, too
AT&T is still investigating a massive data breach the nation’s largest wireless carrier disclosed over the weekend, but what we know so far is troubling.
A dataset of Social Security numbers, birth dates, AT&T account numbers and passcodes, email addresses and other sensitive personal information was discovered on the “dark web” two weeks prior. The dark web is a space where content is intentionally concealed and criminals can anonymously buy and sell illegal goods and private information.
AARP Membership— $12 for your first year when you sign up for Automatic Renewal
Get instant access to members-only products and hundreds of discounts, a free second membership, and a subscription to AARP the Magazine.
And the data, which AT&T said appears to be from 2019 or earlier, affects about 7.6 million current AT&T account holders and 65.4 million former customers.
What AT&T is doing to tackle the problem
If you pick up your smartphone to find that the device wants you to reset your passcode, typically four to six numerals that are a personal identification number, that’s because AT&T has reason to believe your information has been compromised. The company says it has already pushed a reset to current users’ passcodes.
Beyond its investigation into the cause of the just-disclosed breach, AT&T said it is reaching out via mail or email to consumers who have been affected. The company will be offering these folks complimentary credit monitoring and identity theft services.
The company hasn’t explained why information from so many more ex-account holders was discovered than present subscribers, but undoubtedly many of these people are older adults.
A little less than a fifth, 19 percent, of AT&T’s current subscribers are older than 60, according to the latest weekly survey from telecom analyst Roger Entner of Recon Analytics in Dedham, Massachusetts. That compares to a little more than a fifth, 22 percent, of Verizon’s customers and about a sixth, 17 percent, of T-Mobile’s.
AT&T hasn’t yet determined whether the breach originated from AT&T itself or from one of its outside vendors. The company added that it has uncovered no evidence so far of unauthorized access to its systems.
What you can do to be proactive
Take action even if you think your data is safe and practice strong cybersecurity hygiene. Reset all your passwords and numerical passcodes regularly and avoid using the same or similar ones across multiple accounts.
To update your AT&T passcode, navigate to my AT&T Profile and sign in. Scroll to My linked accounts | Edit and follow the prompts.
More From AARP
Why Aren’t You Using a Password Manager?
Your first line of defense against cybercriminals
Bye-Bye, Passwords? Why Passkeys Can Be the New Way to Log Into Apps, Sites
Companies look for high-tech ways to block criminals from our private information
Data Breach Exposes Data on 600,000-plus Medicare Beneficiaries
Cyberhack goes well beyond Medicare
Recommended for You