Is AT&T going to be sued and fined for neglecting its users' private data? Or is it going to settle to pay out compensations to numerous users again, like it recently did?
This could very well happen, if another AT&T breach occurs – and SOCRadar's Dark Web Team has come across a new listing on the dark web that advertises what is described as unauthorized access to AT&T's internal systems.
The individual (or individuals) behind the post claims to have maintained undetected, long-term access within the company's Tier 1 infrastructure by deploying a custom load that has remained active for over three weeks. The post further states that this access allegedly provides visibility into more than 24 million active customer accounts, with the ability to fully read, write, and sync data in real time.
Are you still surprised that private data breaches occur?
Yes.
100%
Only at times.
0%
No, such are the times.
0%
A screenshot was shared as proof, and the access is being offered for sale at a price of $100,000, with payment only accepted in crypto.
The "currency" is not surprising, given that dark web marketplaces first gained traction with Silk Road in 2011, which accepted Bitcoin as payment and coincided with a major surge in the currency's value. Over time, Monero emerged as a secondary option, favored for its advanced privacy features like ring signatures that obscure transactions. These qualities have made cryptocurrencies a cornerstone of cybercrime for more than a decade.
AT&T definitely has experience with data breaches
In 2023, AT&T faced major data breaches that exposed information from tens of millions of customers, leading to a class-action lawsuit. The company agreed to settle for $177 million, a deal recently approved by US District Judge Ada Brown in Dallas, who described the outcome as fair and reasonable.
The breaches, disclosed in May and July, allowed access to call logs, texts, and personal details of current and former customers. Victims able to show financial losses tied directly to the incidents may receive up to $5,000, while others whose data was accessed will receive smaller payments. AT&T has denied responsibility, saying it agreed to settle only to avoid lengthy litigation. Payouts are expected in early 2026 once final approval is granted.
While we deny the allegations in these lawsuits that we were responsible for these criminal acts, we have agreed to this settlement to avoid the expense and uncertainty of protracted litigation.
– AT&T to Nexstar via email, 2025
Recommended Stories
One of the breaches involved call and text data stored on the Snowflake cloud platform, while another surfaced in March 2024, tied to data released on the dark web affecting 7.6 million current and 65.4 million former customers. The FCC is also investigating why an expired AT&T cloud vendor retained and later exposed data from 8.9 million customers dating back to 2015–2017, information that should have been deleted years earlier. For that incident, AT&T agreed to pay a $13 million FCC fine.
"Iconic Phones" is coming this Fall!
Good news everyone! Over the past year we've been working on an exciting passion project of ours and we're thrilled to announce it will be ready to release in just a few short months.
"Iconic Phones: Revolution at Your Fingertips" is a must-have coffee table book for every tech-head that will bring you on a journey to relive the greatest technological revolution of the 21st century. For more details, simply follow the link below!
Sebastian, a veteran of a tech writer with over 15 years of experience in media and marketing, blends his lifelong fascination with writing and technology to provide valuable insights into the realm of mobile devices. Embracing the evolution from PCs to smartphones, he harbors a special appreciation for the Google Pixel line due to their superior camera capabilities. Known for his engaging storytelling style, sprinkled with rich literary and film references, Sebastian critically explores the impact of technology on society, while also perpetually seeking out the next great tech deal, making him a distinct and relatable voice in the tech world.
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts:
New accounts created within the last 24 hours may experience restrictions on how frequently they can
post or comment.
These limits are in place as a precaution and will automatically lift.
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed:
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts: