At a Glance
Accounts impacted: ~49 million phone numbers linked to personal data
Breach occurrence date: 2021 (data resurfaced in 2025)
Added to breach breakdown: December 16, 2025
What Happened?
A previously known AT&T data breach from 2021 has resurfaced after a threat actor released a newly reformatted version of the stolen data online. While parts of this data had circulated before, this updated release directly links Social Security numbers and birthdates to nearly 49 million phone numbers.
Security researchers confirmed that the data was reorganized to remove internal markers and decrypt sensitive fields, making it easier for criminals to use. AT&T says the data comes from the older breach and not from a new system compromise.
What Information May Have Been Exposed?
The repackaged data includes:
Full names
Phone numbers
Physical addresses
Unencrypted Social Security numbers
Unencrypted dates of birth
In total, roughly 88 million records were shared, with about 49 million unique phone numbers now tied to sensitive identifiers.
Where Did the Data Come From?
Investigations show the data originated from AT&T’s 2021 breach, not a more recent attack. Although some hackers claimed the information came from a 2024 Snowflake-related incident, researchers confirmed the dataset was simply cleaned up, decrypted, and republished from the original breach.
AT&T initially questioned the data’s legitimacy in 2021 but later confirmed it was stolen from its systems.
Why This Is Risky
The newly formatted data increases the threat level because it directly connects identities to phone numbers:
Identity theft (opening credit accounts or committing tax fraud)
Targeted scams (impersonating AT&T or government agencies)
Account takeovers (combined with passwords from other breaches)
Once republished, this type of data can circulate indefinitely.
How AT&T Responded
AT&T says it is reviewing the newly released data but maintains that it stems from the earlier breach. The company reports no evidence of a new attack on its systems and continues to investigate how the data is being reused.
What You Should Do Now
Monitor credit reports and financial accounts
Place a fraud alert or credit freeze if concerned
Be cautious of unexpected calls, texts, or emails
Avoid sharing personal information over the phone
How OptMsg Helps
Blocks phishing and scam emails before they reach you
Encrypts private messages between OptMsg users
Never sells or monetizes your personal data
Helpful Links:
Why This Still Matters
While this isn’t a new breach, the repackaging and re-release of sensitive personal data make this incident just as dangerous—if not more so—than when it first occurred. Don’t wait until the next data leak hits. Safeguard your digital life with OptMsg’s privacy-first communication tools today.
