AT&T disclosed two major breaches in 2024 affecting hundreds of millions of current and former customers. The first breach exposed personal information tied to approximately 73 million accounts after a dataset appeared on the dark web in March 2024. A second incident in July 2024 compromised call and text metadata of roughly 110 million wireless subscribers via a third-party cloud platform.
If you’re wondering, “How do I know if AT&T leaked my data?”, this guide explains how to check whether you were affected, what information may have been exposed, and what steps to take next.
AT&T Leaked Information: Which Data Was Compromised?
The two breaches exposed different types of information, so the first step is to understand which data is compromised and which time period it spans. This will give you a better idea of whether you could be one of the affected people.
Here are the answers to the most important questions about leaked information from the AT&T breaches:
Who Was Affected by the AT&T Breaches?
AT&T stated that affected customers would be notified directly by email, text message, or postal mail. If you received a notification from AT&T regarding the March or July 2024 incidents, your data was likely involved in the breach.
However, not all affected users were successfully notified. Outdated contact details, spam filtering, and the sheer scale of the breaches meant some customers may never have received an alert.
Even if you were not contacted directly, your data may have been compromised if you were:
- An AT&T wireless customer at any point between May 2023 and January 2023
- A landline customer who made calls to or received calls from AT&T wireless customers during the affected period
- A current or former AT&T account at any point before 2020
- A user of a mobile virtual network operator (MVNO) that runs on AT&T’s network, such as Boost Mobile or Cricket Wireless
How To Find Out if My Data Was Breached During the Attacks on AT&T
The quickest way to find out if your data was compromised is to check directly with AT&T. Even though the breach happened a couple of years ago, you still have the right to request information about your involvement in the breach.
You can verify whether your data was compromised in either the March or July breaches in one of the following ways:
- Check your email inbox and spam folder for any past messages from AT&T referencing a data breach.
- Contact AT&T customer service at 1-800-331-0500 or via live chat and ask whether your account was involved in any of the breaches.
- Pull your free credit reports and look for accounts or inquiries you don’t recognize.
- Use Penterester’s AT&T breach check and search by your phone number.
What To Do if ATT Leaked My Data
Even though the breach happened in 2024, stolen data can be resold on the dark web or used years after the incident. If you have confirmed that your data was exposed, it’s not too late to act.
The actions below can help with immediate damage control and stop potential misuse:
- Reset your AT&T account passcode and password: Numerical PINs were exposed in the March breach, so changing yours cuts off any access tied to your old credentials.
- Place a fraud alert with one of the three major credit bureaus: Once you file a fraud alert with Equifax, Experian, or TransUnion, they are required to notify the other two automatically.
- Contact your bank and credit card provider: Let your bank know that your personal information may have been compromised and ask them to flag your account for suspicious activity.
- Report identity theft to the Federal Trade Commission (FTC): If you find any evidence of misuse, such as unfamiliar accounts, unauthorized charges, or suspicious inquiries on your credit report, file a report with the FTC.
Can I Join a Settlement if ATT Leaked My Information?
The deadline for filing a claim for the data breach settlement passed on December 18, 2025.
The final approval hearing was held on January 15, 2026. While AT&T didn’t admit any wrongdoing as part of the agreement, it reached a $177 million class action settlement covering both breaches. Claims are now being processed while the court considers approval.
If you filed a claim before the deadline, the best thing to do now is monitor the official settlement website for updates on court approval and payment timelines. Even though no official payout date has been announced yet, the payments are expected sometime in 2026.
However, if you didn’t join the class action lawsuit by December 18, it’s no longer possible to do so.
How To Protect My Information From Potential Future Breaches
Experiencing a data breach at a company you trusted is unsettling, but it can also motivate you to take action to protect your personal information. If you want to improve your mobile security and prevent misuse of your data, taking the steps below is a good place to start:
- Request AT&T to limit or delete your data
- Stay alert to phishing and social engineering
- Freeze your credit
- Enable multi-factor authentication (MFA)
- Switch to a privacy-first mobile carrier
Request AT&T To Limit or Delete Your Data
You can limit how much data AT&T retains about you, reducing the amount that could be exposed in a future breach. Under the California Consumer Privacy Act (CCPA) and other state privacy laws, AT&T is required to honor consumers' requests to limit how their data is used or to have it deleted.
If that’s something you want to do, here are your options:
- Submit an AT&T data request to get your personal information deleted or opt out of the sale or sharing of your personal information.
- Use the Manage Cookies settings to disable data sharing for marketing and advertising purposes
- Update your preferences in Choices and Controls to limit how AT&T uses your data for marketing.
Keep in mind that even if you request AT&T to delete your data, the company still has the right to retain information needed for security, compliance, and running the business.
Stay Alert to Phishing and Social Engineering
The breached data is often used to create convincing fake messages. A scammer who knows your name, phone number, and carrier can write a believable email or text to trick you into handing over sensitive information or clicking a malicious link.
Some of the common tactics include:
- Fake AT&T security alerts
- Messages asking you to verify account details
- Calls pretending to be from your bank
To avoid falling in those traps, never click links or provide information in response to unsolicited contact. If something looks urgent, it’s safer to use AT&T’s app or official website to contact them.
Freeze Your Credit
A credit freeze blocks anyone from opening new credit lines in your name, including identity thieves. If your SSN was part of the March breach, this is one of the most effective steps you can take to protect yourself.
The process is free, and you can set it up by calling one of the three bureaus or do it online in a few minutes:
When you need to apply for a loan, open a new credit card, or complete another credit check, you can temporarily lift the freeze online in just a few minutes. A credit freeze also won’t affect your existing accounts or your credit score.
Enable Multi-Factor Authentication (MFA)
If someone gains access to your leaked data, multi-factor authentication (MFA) can help prevent them from taking over your accounts. MFA adds an extra verification step during login, so a password alone isn’t enough to gain access.
Enable MFA on every account that supports it, especially your AT&T account, email, banking apps, and other sensitive services. Because phone numbers can be targeted through SIM-swapping attacks, it’s safer to use authenticator apps like Google Authenticator instead of SMS-based verification codes.
Switch to a Privacy-First Mobile Carrier
Security tools and account protections like AT&T’s ActiveArmour can help reduce risk, but they don’t change how much personal data mobile carriers collect and store in the first place. If you want to reduce exposure at the carrier level and avoid having to clean up after a breach, consider a privacy-first carrier like Cape.
Cape follows a minimal data collection approach, limiting the amount of personal information stored beyond what’s necessary to operate the service. It also includes built-in SIM swap protection to help reduce the risk of unauthorized number transfer and takeovers.
Meet Cape: The Secure Carrier Designed for Today’s Threats
We share the most intimate details of our everyday lives with our cell phones. In order to stay connected, our cell phones share that information with local cell networks, and in turn, those cell networks share our data with each other.
While this system is what makes connectivity possible, it was also built with interoperability as its priority, rather than security. The global cell network is vulnerable to a number of threats, as seen through headlines about major carrier data breaches we see time and time again. When major carriers aren’t losing our sensitive personal data in breaches and hacks, they’re actively selling it to ad networks, data brokers, and third parties.
At Cape, we believe that privacy and security shouldn’t have to be sacrificed for connectivity. That’s why we built our service with privacy principles and security features at its core, including:
Cape eliminates the risk of your sensitive data falling into the wrong hands by not even asking for it. When you make your Cape account, we don’t ask for your name, address, or SSN. We only collect the information that’s necessary to provide the service, and we retain it for the least amount of time possible.
During account creation, you receive a unique 24-word phrase that generates a private key tied to your phone number. This pass phrase is required to move your number to a new device or carrier. Nobody else, not even us at Cape, has access to the phrase, meaning there’s absolutely no way for bad actors to transfer your number to their device, effectively nullifying the possibility of SIM swapping.
Your phone stores an incredible amount of data, which can be accessed through call and text records. Most mobile carriers store your call and text metadata for years, which can easily fall into the wrong hands.
Cape is built to forget, meaning we delete Call Data Records (CDRs) after just 1 day, ensuring nobody can see who you texted or called, track where the communication took place, or access the sensitive information within CDRs.
All SIM cards are accompanied by International Mobile Subscriber IDs (IMSI). These function as unique identifiers devices use to register with cellular networks. Traditional telcos assign fixed IMSIs to user accounts, meaning the carriers, advertisers, hackers, and other bad actors can exploit them to identify and track your device.
Cape patches this security hole by allowing you to automatically rotate your IMSI every 24 hours. In practice, this means you appear as a different subscriber every day, making it much more difficult for anyone to identify your device or track your movements.
Are you tired of spam messages from brands, phone call surveys, and scammers trying to trick you into sharing sensitive information over the phone? The reason why most people are exposed to these nuisances is that we are often required to share our phone numbers with retailers, websites, apps, and service providers.
While messages and phone calls can be annoying, what’s worse is that your number can easily become a target for data brokers and bad actors. That’s why many people turn to VoIP numbers as secondary lines. VoIPs are a decent option, but they don’t fully solve the issue—they are not encrypted, you can’t use them for 2FA, and they’re an additional cost each month.
When you sign up for Cape, you get two free additional SMS/MMS lines that are middle-to-end encrypted. This allows you to use Secondary Numbers for online shopping, signing up for services and discounts, and receiving secure OTPs, while your primary phone number is reserved for friends and family.
6. Network Lock
Traditional cellular networks were designed for interoperability, not security. Outdated and legacy network protocols like SS7 have vulnerabilities that allow attackers to hack in and track your location, intercept your calls and texts, and steal sensitive information.
Cape’s Network Lock uses a proprietary signaling proxy to verify that your device’s physical location matches the network it’s trying to attach to. If anything looks suspicious, like a mismatched location, we block the connection.
Voicemails can reveal more than you think, from personal messages to authentication codes, yet most voicemail systems are outdated and unencrypted.
Cape encrypts your voicemails so that only you can access them.
To access phone service while traveling abroad, your phone typically needs to connect to local telecom providers. The trouble is, there’s no guarantee all networks are secure, and not every government treats privacy the same.
Cape doesn’t leave anything to chance. We let you route traffic through our U.S.-based mobile core, so you can safely use international data roaming without exposing your identity or sharing sensitive data or communications with foreign carriers.
With Cape, you get up to 15 GB per month of international roaming, included in your monthly plan.
Get Started With Cape Today
If you’re ready to make a switch from legacy telcos to America's privacy-first mobile carrier, visit cape.co/get-cape.
In addition to all the features listed above, you can further enhance your privacy and security with Proton. Our partnership with this technology leader allows you to get Proton Unlimited or Proton VPN Plus for only $1 for the first six months.
