Listen to the article
AT&T Reaches $177 Million Settlement for Data Breaches, Claims Deadline Approaches
AT&T has agreed to pay $177 million to settle lawsuits related to two major data breaches that exposed the personal information of millions of customers. With the December 18 deadline for filing claims approaching, affected customers have just over a month to submit their applications for compensation.
The telecommunications giant faced numerous lawsuits across the United States after disclosing that sensitive customer data, including Social Security numbers and call records, had been compromised in separate breaches. These lawsuits were eventually consolidated in U.S. District Court in Texas, where the settlement was reached earlier this year.
“We have agreed to this settlement to avoid the expense and uncertainty of protracted litigation,” AT&T said in a statement released Thursday. The company emphasized that it “remains committed to protecting our customers’ data and ensuring their continued trust in us,” while continuing to deny any wrongdoing in the matter.
The first breach, disclosed in March 2024, involved data from 2019 or earlier that had been released on the dark web. According to AT&T, this incident affected approximately 7.6 million current customers and 65.4 million former account holders. The compromised information included highly sensitive data such as Social Security numbers and passcodes, raising serious concerns about potential identity theft and fraud.
The second breach, which AT&T revealed in July 2024, involved call and text records from May through October 2022, plus a small subset from January 2023. The company discovered that data had been “illegally downloaded from our workspace on a third-party cloud platform” in April 2023. While this breach included phone numbers and call records, AT&T maintained that it did not expose the actual content of communications or other personally identifiable information.
These incidents highlight the growing vulnerability of telecommunications companies, which store vast amounts of sensitive customer data. The telecommunications sector has become an increasingly attractive target for cybercriminals due to the valuable personal information these companies maintain and the critical infrastructure they operate.
The settlement allocates $149 million for victims of the first breach and $28 million for those affected by the second incident. According to the settlement administrator’s website, customers impacted by the first breach may be eligible for compensation of up to $5,000, while those affected by the second breach could receive up to $2,500.
Some customers may qualify as “overlap settlement class members” if they were affected by both breaches, potentially making them eligible for payments from both funds. However, the final payment amounts will vary based on documented losses from each claimant, the total number of claims received, and additional costs such as attorney fees.
The settlement still requires final approval from the court, with a hearing scheduled for January 15, 2026. In the meantime, eligible consumers must file their claims either online or by mail before the December 18 deadline.
Affected customers can visit the website of Kroll Settlement Administration, the designated settlement administrator, to learn more about the process and submit their claims. Class members also have the option to opt out or file an objection to the settlement before November 17.
This settlement comes amid increasing regulatory scrutiny and consumer concern over data privacy practices across industries. For telecommunications companies like AT&T, which handle massive amounts of sensitive customer information daily, the incident serves as a costly reminder of the importance of robust cybersecurity measures and transparent breach response protocols.
Fact Checker
Verify the accuracy of this article using The Disinformation Commission analysis and real-time sources.
10 Comments
Data breaches are a major concern these days. I hope AT&T has learned from this experience and will strengthen its cybersecurity measures to prevent future incidents.
Agreed. Consumers need to be vigilant about protecting their personal information, especially with large companies that handle so much sensitive data.
I hope the affected AT&T customers are able to successfully claim their portion of this settlement. Data breaches can be very stressful and disruptive for those impacted.
This is a significant data breach settlement, and it’s good to see AT&T being held accountable. Customers affected should definitely look into claiming their share of the $177 million payout.
It’s good to see companies being held accountable for data breaches, but it’s unfortunate that these types of incidents keep happening. Improved data security should be a top priority.
While the settlement amount is substantial, I wonder how it compares to the actual damages suffered by affected customers. Hopefully the claims process ensures fair compensation.
I’m curious to know more about the specific factors that led to these data breaches at AT&T. Understanding the root causes could help prevent similar incidents in the future.
This is a cautionary tale for all companies that handle sensitive customer data. Robust cybersecurity measures and transparency are essential to maintaining consumer trust.
Data breaches are becoming all too common these days. I hope the settlement and payout process serves as a lesson for AT&T and other companies to take data security more seriously.
With the claims deadline approaching, I hope AT&T makes it easy for affected customers to submit their applications. Clear communication is important in situations like this.