Nessel Email Header
FOR IMMEDIATE RELEASE:

April 3, 2024

Media Contact:
Danny Wimmer

AG Nessel Re-Issues Data Breach Alert Following AT&T Data Breach

LANSING – Michigan Attorney General Dana Nessel is alerting Michigan consumers to a massive data breach affecting millions of current AT&T customers and tens of millions more former account holders nationwide. Nessel wants those whose information may have been compromised in the recent AT&T data breach to know what steps they can take to protect their data from scammers and identity thieves.

“If you have ever held an account with AT&T, we strongly recommend you take simple precautions now to protect yourself against this significant breach,” Nessel said. “Obviously, current customers should change their AT&T login credentials immediately and update any other accounts where you use the same or similar passcodes, passwords or security questions, but so too should former customers consider taking these steps. All customers who receive notice should take this seriously, this data is already available on the dark web, which indicates the involvement of fraudsters and criminals.”

AT&T disclosed March 30th that customer account information appeared in a large dataset released on the dark web that month, impacting approximately 7.6 million current AT&T account holders and more than 60 million former account holders. According to AT&T, the dataset appears to be from 2019 or earlier and contains information such as Social Security numbers and 4-digit numerical PIN passcodes. Full names, email addresses, mailing addresses, phone numbers, dates of birth, and AT&T account numbers may have also been compromised.

AT&T intends to notify customers via email or letter and encourages current and former customers with questions to visit their website for more information. Michigan law does not require companies to notify the Attorney General’s office of data breaches, and the number of affected Michigan consumers is unknown. Former customers with sensitive data attached to older accounts should take protective measures as outlined in the guidance below now and not await an official notice from AT&T, who may not have accurate or current contact information in their records.

The Department of Attorney General’s Data Breaches: What to do Next alert provides consumers with useful information about what kind of information can be accessed during a data breach. The U.S. Federal Trade Commission also has consumer guidance available for creating strong passwords and securing your accounts.

“My department has resources available online to help those impacted, and my consumer protection team is ready to assist any Michigan resident who may become a victim of identity theft due to this breach,” Nessel continued.

Consumers can protect themselves during a data breach by taking the following actions:

  • Watch out for phishing emails;
  • Strengthen or change your passwords;
  • Do not retain unnecessary data or files;
  • Use multifactor authentication on devices and accounts;
  • Consider locking your credit to prevent unauthorized activity; and
  • Review your credit report often. Take advantage of free weekly credit reports from each of the three main credit reporting agencies: Equifax, Experian, and TransUnion by contacting the Annual Credit Report website.

To file a complaint with the Attorney General, or get additional information, contact:

Consumer Protection Team
P.O. Box 30213
Lansing, MI 48909
517-335-7599
Fax: 517-241-3771
Toll-free: 877-765-8388
Online complaint form