Telco Data Breach Timeline

We report on all breaches, nationwide. Other telcos try to hide this information, but sharing it is part of Cape’s commitment to your privacy. This timeline will be continuously updated as breaches, unfortunately, will continue to occur.
CompanyAT&T
Users Impacted109,000,000
User TypeCustomer
Breach OriginsThird Party
Severity of InfoConsumer Communication Records

On Friday, July 12th, AT&T suffered a massive cyberattack as data from around 109 million customer accounts (nearly all of AT&T’s customers), containing records of calls and texts, was illegally downloaded to a third-party cloud platform. The compromised files contain call and text records of AT&T cellular and wireless customers, as well as AT&T landline customers interacting with those cell numbers, between May 2022 and October 2022. The stolen data also includes a small number of customer records from January 2, 2023. The files do not contain the content of the calls or texts, or any personal information such as SSN, but some of the records include cell site identification numbers that can be used to determine the approximate location of where a call was made or text was sent. AT&T said they first learned about the data breach in April 2024, but delayed public notification based on determination by the Justice Department. The FBI is still investigating the breach origins, but at least one person has been arrested so far.

CompanyAT&T
Users Impacted73,000,000
User TypeCustomer
Breach OriginsUndisclosed 3rd Party Vendors
Severity of InfoHighly Sensitive PII

On March 30th, 2024, AT&T disclosed a data breach affecting 7.6 million current and roughly 65.4 million former customers, with sensitive data leaked on the Dark Web. The first indication that a security incident may have occurred was in August 2021, when a hacker posted a data sample and offered the sale of a massive data set they claimed to have stolen from AT&T. At the time, AT&T denied that a breach of their systems had occurred, stating that the data likely originated from another source. In early March 2024, a data seller allegedly published the full data set, revealing information from 73 million AT&T account holders. Following confirmation of the breach, AT&T notified affected individuals that their personal and account information—including names, email addresses, postal addresses, phone numbers, Social Security numbers, birth dates, and account details—might have been compromised. This incident left customers vulnerable to identity theft and financial scams, and led to demands for improvements in AT&T's data security protocols. See to learn more about steps you can take to protect your privacy and avoid falling victim to future data attacks.

CompanyVerizon
Users Impacted63,000
User TypeEmployees
Breach OriginsVersizon Systems
Severity of InfoHighly Sensitive PII

On February 7th, 2024, a report was filed to the Maine Attorney General on behalf of Verizon announcing that their company suffered an internal data breach. While the breach occurred on September 21st, 2023, the company didn't discover what had taken place until nearly three months later on December 12th, 2023. An investigation uncovered that a Verizon employee had gained unauthorized access to a file containing sensitive information of over 63,000 employees, including names, Social Security numbers, physical addresses, and more. Affected employees were offered access to identity protection and credit monitoring services in order to prepare for possible identity theft, fraud, and stolen funds.

CompanyMint Mobile (now acquired by t-mobile)
Users ImpactedUnknown
User TypeCustomer
Breach OriginsMint Mobile Systems
Severity of InfoPII

Toward the end of 2023, Mint Mobile notified an unknown number of customers via email that they had suffered a security breach. The email stated that “an unauthorized actor obtained some limited types of customer information." While the company stated that the underlying issue had been resolved, and that information like Social Security numbers and credit card information was not at risk, the data obtained did include things like customer names, phone numbers, email addresses, and SIM and IMEI numbers, placing those customers at risk for SIM swapping and other social engineering scams. Mint Mobile has since been acquired by T-Mobile.

CompanyT-Mobile
Users Impacted100
User TypeCustomer
Breach OriginsT-Mobile systems
Severity of InfoPII

On September 20th, 2023, T-Mobile customers took to social media to report that upon logging into their T-Mobile apps, their accounts displayed the personal information of another customer instead of their own. Consequently, sensitive data, including addresses and credit card information, was exposed. T-Mobile responded to the breach, reporting that it was caused by an overnight system error and affected fewer than 100 customers. However, the full extent of the exposure remains unknown, as the number of parties has not been disclosed. This incident marked the third customer-related security breach for T-Mobile, and the fourth involving a breach of T-Mobile information, in 2023 alone—an unprecedented record of privacy and security violations for a telecom company in a single year.

CompanyT-Mobile
Users Impacted17,835
User TypeEmployees
Breach Origins3rd party
Severity of InfoHighly sensitive PII

Reports emerged on September 21st, 2023, revealing that hackers breached T-Mobile's internal servers in March 2023, extracting a massive amount of highly sensitive employee data. The compromised information, totaling 89 GB, encompassed details of 17,835 past and present employees, such as names, partial Social Security numbers, and email addresses. This data was subsequently posted on a well-known hacker forum. It is speculated that the breach originated from Connectivity Source, an independently owned T-Mobile dealer, in April 2023.

CompanyT-Mobile
Users Impacted836
User TypeCustomers
Breach OriginsT-Mobile systems
Severity of InfoHighly Sensitive PII

In April 2023, T-Mobile sent a letter to 836 customers disclosing that a data breach had occurred earlier in the year. Information obtained for each customer varied but may have included full name, contact information, account number and associated phone numbers, T-Mobile account PIN, Social Security number, government ID, date of birth, and more. While this breach affected a much smaller number of customers than the incident reported in January, which affected over 37 million, it still represented a massive failure of T-Mobile's security measures. For over a month, cyber attackers were able to maintain ongoing data theft operations while remaining undetected. During that time, affected customers were at enhanced risk of experiencing fraud or phishing scams without any warning to be on guard.

CompanyVerizon
Users Impacted7,500,000
User TypeCustomers
Breach Origins3rd party
Severity of InfoNon-PII

In January 2023, the data of 7.5 million Verizon wireless customers was found on the Dark Web. The breach, discovered by the cybersecurity team SafetyDetectives, was linked to Verizon by clues discovered hidden in the filenames, but conclusive origins have never been disclosed. In response, Verizon stated that the issue stemmed from an outside vendor and had been resolved. While the exposed information did not include any personally identifiable data, the researchers believed that it could be combined with information from other breaches, giving attackers a higher chance of success in perpetrating fraud or identity theft.

CompanyT-Mobile
Users Impacted37,000,000
User TypeCustomers
Breach OriginsT-Mobile systems
Severity of InfoPII

In January 2023, T-Mobile discovered that a "bad actor" had stolen information from over 37 million customer accounts via unauthorized use of a single API. Personally Identifiable Information (PII) including names, addresses, phone numbers, and dates of birth was exposed during the breach. This incident highlights the danger of uncontrolled and unmonitored API use that often occurs at massive companies like T-Mobile. Moreover, while T-Mobile reported that they were able to contain the attack in less than one day, a third of their total subscribers had their personal information exposed during that period.

CompanyVerizon
Users Impacted250
User TypePrepaid Accounts
Breach OriginsVerizon Systems
Severity of InfoPII

Verizon experienced a data breach in October 2022 in which the last four digits of some customers' payment card numbers were exposed. While exposure of the last four digits alone would not enable unauthorized purchases, it did provide the attackers with personal details such as names, phone numbers, and addresses that could facilitate access to additional account information. Further, there's a possibility that the attackers were able to conduct SIM swaps on some accounts. A SIM swap could allow interception of messages or calls intended for the account holder via another device, potentially compromising other accounts. Verizon took steps to safeguard the impacted accounts, such as resetting personal identification numbers. The company also provided recommendations to customers on protecting non-Verizon accounts that may be at risk of unauthorized access through SIM swapping activity resulting from this incident.

CompanyAT&T
Users Impacted23,000,000
User TypeCustomers, former customers
Breach OriginsUnknown, Potentially AT&T
Severity of InfoHighly sensitive PII

In August 2022, a cybersecurity firm reported intercepting a sizable dataset containing Personally Identifiable Information (PII) on approximately 23 million individuals in the United States. The PII included names, physical addresses, email addresses, phone numbers, Social Security numbers, and dates of birth. According to the firm's analysis, the data corresponds most closely to past and present customers of AT&T. While AT&T did not outright confirm the data originated from their systems, they noted the records do not appear to match any known breaches of their own networks. It remains possible the incident is related to a prior data compromise at another unrelated organization.

CompanyVerizon
Users ImpactedUnknown
User TypeUnknown
Breach OriginsVerizon systems
Severity of InfoPII

In May 2022, an unauthorized individual allegedly obtained internal Verizon employee contact records through pretexting tactics. The individual reportedly used deception to access internal systems containing names, ID numbers, phone contacts, and emails. To monetize the stolen database, the alleged perpetrator requested $250,000 to safeguard the information and not publicly share it. Verizon stated they declined to engage, noting the information was already public. However, the database could allow bad actors to pose as employees or flood Verizon's email system with spam or malicious emails.

CompanyT-Mobile
Users Impacted77,000,000
User TypeSubscribers, customers, former customers, and prospective customers (those who applied for credit)
Breach OriginsT-Mobile systems
Severity of InfoHighly sensitive PII

In August 2021, T-Mobile suffered one of the most extensive and costly data breaches on record. Hackers infiltrated T-Mobile systems and stole highly sensitive customer information, including names, driver's license numbers, Social Security numbers, and device identification numbers. In June 2022, T-Mobile reached a settlement agreement to resolve a class action lawsuit filed by customers affected by the breach. As part of the settlement terms, T-Mobile agreed to pay $350 million to customers who experienced harm as a result of the incident. Additionally, T-Mobile committed $150 million toward enhancing its cybersecurity protections and systems. The wireless carrier acknowledged the need to further strengthen safeguards for customers' private data.

Share it

Want to be first? Join our mailing list and stay up to date on all things Cape.

SIGN UP TODAY
Your email will be used to send you updates from Cape. It will never be associated with your account or shared with anyone else.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.