Cybersecurity experts are urging AT&T customers to ramp up their security measures, such as changing their passwords, following a data breach that impacted 73 million current and former accounts.
Bob Huber, chief security officer of cybersecurity company Tenable, told FOX Business that “affected customers should change their passwords immediately and set up two-factor authentication where possible.”
The company said it is assessing the breach and whether the data, which was leaked to the dark web two weeks ago and includes Social Security numbers, came from AT&T itself or one of its vendors.
AT&T DATA BREACH EXPOSES 73 MILLION CURRENT, FORMER ACCOUNTS ON DARK WEB, COMPANY SAYS
The data appears to be from 2019 or earlier, cybersecurity experts hired by AT&T to do a “robust investigation” found, affecting 7.6 million current account holders, and approximately 65.4 million former account holders.
Consumers “have the tools to regain control over leaked personal information right in front of us,” Tazin Khan, founder of Cyber Collective, told FOX Business.
NEW YORK AG OPENS INVESTIGATION INTO RECENT AT&T OUTAGE
Huber and Khan said customers should check their inbox for any breach notifications from AT&T. Customers can also use reputable services like “Have I Been Pwned” to see if their email or phone number is part of a data breach, Khan said.
Ticker | Security | Last | Change | Change % |
---|---|---|---|---|
T | AT&T INC. | 17.50 | -0.10 | -0.57% |
Protecting yourself after a data breach
When you change your AT&T account password, remember to change any other account that uses the same password, Khan said.
She also warned that customers need to “be wary of phishing attempts; never click on suspicious links or provide personal information in response to unsolicited communications.”
Due to the fact that there was a breach of Social Security numbers, it’s also important to contact major credit reporting agencies in order to place fraud alerts and credit freezes on accounts, according to Khan.
Customers should also monitor credit reports for unusual activity, Huber and Khan said. This should be done across all financial accounts.
Impacted customers can also call their banks to alert them about the breach and not to authorize any changes in an account.
“I also recommend changing the answers to all of your security questions for your banks, credit card accounts and internet and phone services,” Khan added.
GET FOX BUSINESS ON THE GO BY CLICKING HERE
As an extra step, customers can also report the incident to the Federal Trade Commission (FTC) through their identity theft reporting website in order to get ahead of the breached Social Security number, according to Khan.