Data Breach

AT&T Nationwide Data Breach Class Action

AT&T Nationwide Data Breach Class Action — Data Breach class action lawsuit

Case Overview

In March 2024, AT&T confirmed that a dataset containing the personal information of approximately 73 million current and former customers had been published on the dark web. The exposed records — believed to stem from a breach dating as far back as 2021 — included full names, home addresses, phone numbers, dates of birth, email addresses, Social Security numbers, and AT&T account passcodes. The company initially denied ownership of the dataset when it first surfaced in 2021, only acknowledging the breach three years later after independent security researchers confirmed the data's authenticity. Critics condemned the multi-year delay as a serious failure of corporate responsibility.

Class action plaintiffs allege that AT&T was negligent in protecting customer data, violated the Federal Communications Act's duty to protect customer proprietary network information (CPNI), and ran afoul of multiple state consumer protection and data breach notification statutes by failing to timely alert affected individuals. The lawsuits seek damages for the ongoing risk of identity theft, fraudulent account openings, and financial harm that victims face as a result of the exposure of their most sensitive identifiers. With an estimated 73 million affected individuals, this ranks among the largest telecommunications data breaches in U.S. history.

Who May Qualify

You may be eligible if you are a current or former AT&T customer who was notified that your personal information — including your Social Security number, date of birth, or account passcode — was included in the 2024 dark web data disclosure.

Frequently Asked Questions

How do I know if my AT&T data was breached?

AT&T began notifying approximately 73 million affected current and former customers by email and mail in March and April 2024. If you received a notification, your data was exposed. You can also check AT&T's website or call customer support to confirm whether your account was affected.

What information was stolen in the AT&T breach?

The stolen data reportedly includes full names, home addresses, phone numbers, dates of birth, email addresses, Social Security numbers, and encrypted AT&T account passcodes. AT&T confirmed that the passcodes were compromised and advised all affected customers to reset them immediately.

Has AT&T offered any compensation for the data breach?

As of mid-2025, AT&T has not announced a public settlement for the class action lawsuits. Litigation is ongoing in federal court in Texas. Affected customers should monitor the case for settlement announcements and can consult a class action attorney to understand their rights.

Related Cases

Ticketmaster / Live Nation Data Breach Class Action — Data Breach class action lawsuit

Ticketmaster / Live Nation Data Breach Class Action

Current
Data Breach
Following a massive breach of Ticketmaster's database by hacking group ShinyHunters, class action lawsuits allege Live Nation failed to adequately secure the personal and financial data of over 560 million customers worldwide.
TikTok / ByteDance Biometric Data & Minor Privacy Class Action Settlement — Data Breach class action lawsuit

TikTok / ByteDance Biometric Data & Minor Privacy Class Action Settlement

Past
Data Breach
TikTok agreed to pay $92 million to settle claims that it secretly harvested biometric data—including faceprints and voiceprints—from millions of users, including minors, without consent in violation of Illinois BIPA and federal privacy laws.
Marriott International Repeated Data Breach Class Action — Data Breach class action lawsuit

Marriott International Repeated Data Breach Class Action

Current
Data Breach
Consolidated class action arising from Marriott's massive Starwood guest reservation database breach exposing up to 500 million guests' personal and passport data, followed by a second breach in 2020 affecting 5.2 million additional guests.