AT&T Data Breach Class Action Settlement
Photo: iStock
In a significant move to address customer concerns regarding cybersecurity, AT&T has reached a settlement in a class action lawsuit stemming from two major data breaches in 2024, amounting to $177 million. Customers whose sensitive data was compromised during these incidents may be eligible for compensation of up to $7,500, contingent on filing a claim by November 18, 2025.
The first breach, disclosed on March 30, 2024, involved the exposure of highly confidential personal information, including names, addresses, Social Security numbers, birthdates, passcodes, billing data, and phone numbers. Reports indicate that this data ultimately surfaced on the dark web, raising substantial concerns about identity theft and fraud. A subsequent breach on July 12, 2024, involved a less extensive compromise, where unauthorized access was gained to account holders’ information and the phone numbers they contacted.
Customers impacted by the March breach may claim up to $5,000 for documented financial losses associated with identity theft or credit monitoring expenses, while those affected by the July breach are eligible for reimbursements of up to $2,500. Compensation amounts vary based on the type of exposure and the documentation provided by the claimants. For individuals lacking sufficient proof of financial loss, a tiered payment system remains available. Tier 1 offers compensation to those whose Social Security numbers were compromised, providing five times the amount available in Tier 2, which is designated for those impacted without such exposure. Tier 3 encompasses individuals affected by the July breach.
Critically, if an individual can document losses from both breaches, the total compensation could reach $7,500. This framework aims to provide a financial remedy to those affected while balancing the distribution of settlement funds among eligible claimants.
Those wishing to submit a claim must do so via the official AT&T Data Incident Settlement website by filling out an online form or choosing to print and mail a completed form. It is vital that all mailed claims are postmarked by November 18, 2025. Applicants should prepare documentation showcasing their out-of-pocket expenses resulting from the breach, such as bank statements or receipts. For claims based on tiered payments, eligibility verification based on data exposure remains essential.
Although AT&T has not admitted any wrongdoing in this settlement, the company seeks to resolve ongoing litigation and restore trust among its customer base. The ramifications of these breaches emphasize the importance of robust cybersecurity measures and proactive incident response capabilities for businesses in today’s threat landscape.
