AT&T Settles Class Action Lawsuits Following Major Cyber Breaches
In a significant development for data security, telecommunications leader AT&T has reached settlements for two class action lawsuits triggered by dual data breaches that unfolded in 2024. These incidents were notable not only for their scale but also for the sensitive nature of the information compromised, affecting nearly 180 million customers.
The initial breach occurred in March 2024, revealing sensitive data, including Social Security numbers, of 7.6 million current customers, along with over 65 million former account holders. In the aftermath, AT&T assured affected customers that financial information and call history remained secure. However, the sheer volume of data exposed—including personal identifiers—raised substantial concerns about the company’s cybersecurity measures.
A second, more extensive breach struck just months later, affecting approximately 109 million accounts. This incident encompassed both AT&T’s mobile subscribers and users of mobile virtual network operators reliant on AT&T’s infrastructure. The data exposed during this breach was particularly alarming, including nearly all phone numbers, call durations, and specific identifiers from cell sites.
Responding to the breaches and subsequent legal actions, AT&T has agreed to a settlement of $177 million. Each affected individual could seek claims up to $7,500, although dispersal of these funds will not occur until a final hearing is held on December 3, 2025. In the interim, impacted parties are encouraged to file compensation claims.
Eligibility for claims divides into two distinct categories based on which breach affected the individual. The March breach claimants are categorized into two tiers, with Tier 1 designated for those whose Social Security numbers were compromised. This group is set to receive five times the payouts of Tier 2, which includes others whose data was breached but did not involve their SSNs. Payments to claimants will rely on the total amount of valid claims submitted, the expenses associated with the settlement administration, and the amount allocated for legal fees.
The second group pertains to the July breach, which similarly comprises two tiers. Claimants claiming losses must substantiate their claims with documentation, potentially receiving up to $2,500. Additionally, there exists a ‘Tier 3 Cash Payment’ option that does not mandate documentation but allows claimants to seek a pro-rata share of the remaining settlement fund, the overall value of which remains undetermined.
For individuals affected by both breaches, they are classified as “Overlap Settlement Class Members,” enabling them to lodge claims for both incidents. However, it is imperative that documentation is provided, as it can only be utilized once across claims.
These breaches underscore the persistent cybersecurity threats facing even the largest corporations. Utilizing frameworks such as the MITRE ATT&CK Matrix can elucidate the potential adversary tactics employed in these attacks. Initial access techniques might have included phishing or exploiting software vulnerabilities, which subsequently enabled further tactics like privilege escalation and data exfiltration. The growing concern around data security continues to highlight the need for robust cybersecurity measures within all organizations.
For those seeking more information regarding the settlement details, further resources can be found on the official settlement website. Cybersecurity remains a pressing concern, and it is crucial for business owners to stay informed and vigilant against potential data breaches that threaten sensitive information.
