Insights from the AT&T Data Breach for SMBs

at&t databreach

Recently, AT&T confirmed a significant data breach affecting millions of users. The breach, revealed on March 30, involved a large dataset found on the dark web, raising concerns over the security of personal information, including social security numbers, email addresses, and phone numbers. Financial details and call histories were reportedly not compromised. The company’s investigation is ongoing, as efforts continue to determine where the data originated from.

AT&T Company Statement

AT&T released the following statement:

AT&T has determined that AT&T data-specific fields were contained in a dataset released on the dark web approximately two weeks ago. While AT&T has made this determination, it is not yet known whether the data in those fields originated from AT&T or one of its vendors. With respect to the balance of the dataset, which includes personal information such as social security numbers, the source of the data is still being assessed.

Customers are encouraged to “remain vigilant by monitoring account activity and credit reports. You can set up free fraud alerts from nationwide credit bureaus — Equifax, Experian, and TransUnion.”

The company reported that they will be “offering credit monitoring at our expense where applicable.”

Who The AT&T Data Breach Affects

The breach has a far-reaching impact, affecting approximately 7.6 million current and 65.4 million former account holders, with the compromised data dating back to 2019 or earlier. In response, AT&T has initiated customer notifications and emphasized the importance of vigilance in monitoring account activity and setting up fraud alerts. If you are a current or former customer with questions, you are directed to visit for more information.

What Customers Should Do Now

To mitigate the breach’s impact, AT&T has taken proactive steps, including resetting leaked passcodes. As a customer, it’s crucial to:

  • Enable multifactor authentication on your account.
  • Create difficult-to-guess passwords for all related accounts.
  • Stay alert to potential scam attempts, such as look-alike emails or calls. Always refer to the company’s official website for reliable contact information and updates on this event.

A History of Challenges

This incident adds to a series of cybersecurity challenges faced by AT&T, including a previous allegation of a data breach in 2021 and a network outage earlier this year. These events have contributed to legal scrutiny and raised questions about the company’s data protection practices.

What Your SMB Can Learn From This

The Small Ones Don't Make The News

Data breaches are being announced by major businesses every day. As a business owner, it should serve as a wake-up call. With cyber threats on the rise, it’s crucial not to wait until a breach hits close to home before implementing security measures.

Recovery After a Hack Is Difficult

AT&T, a large corporation, navigates through breaches with considerable resources, but not all businesses are as fortunate. Consider this: 60 percent of small companies close within six months of being hacked.

You Can't Avoid the Consequences

The consequences of a data breach are severe, impacting customers profoundly.

Imagine having your private information leaked online with no fault of your own. Leaked data could cause identity theft, financial loss, and emotional distress.

Your customers will not be so forgiving and future customers will have hesitations about doing business with you.

Once your reputation is damaged, it can be difficult to restore trust with the public. 

Frequently, businesses and customers alike may not be aware of a breach until it’s too late. This leaves personal information vulnerable to cybercriminals and your business labeled as careless.

You Are Legally Required to Protect Data

 The responsibility to protect customer data lies with you. Failures can lead to lawsuits or significant fines, especially with legal requirements such as the NY SHIELD Act demanding the safeguarding of personally identifiable information.

Don’t Do Cybersecurity Alone

For SMBs, the AT&T breach underscores the necessity of comprehensive data protection strategies. Implementing security measures, such as encryption and access controls, and fostering a culture of cybersecurity awareness are essential steps in reducing the risk of a data breach.

In 2023, Sophos reported that 75% of cybersecurity incident responses involved SMBs. This is largely due to SMBs having limited access to experienced security personnel and inadequate investment in cybersecurity.

Secure Your Data with Just Solutions

Just Solutions offers specialized services to help SMBs strengthen their security posture, from network protection to vulnerability assessments, ensuring your business remains resilient in the face of cyber threats. Don’t wait for a breach to strike. Secure your business against tomorrow’s threats today. For more information on developing a cybersecurity plan, contact Just Solutions or send us an email at