The settlement from AT&T originates from data breaches in 2019 and 2024.
In 2024, approximately 1.35 billion notifications were issued regarding data breaches, with nearly 10% attributed to a hack of AT&T servers in April. This information was sourced from the Identity Theft Resource Center’s 2024 Annual Data Breach Report. In response to this incident and another breach from 2019, the telecommunications company has announced a proposed settlement amounting to $177 million.
On June 20, U.S. District Judge Ada Brown granted preliminary approval to AT&T’s settlement terms, addressing two lawsuits involved in the data breaches. This agreement stipulates that AT&T will compensate affected customers, focusing on those with significant damages that can be directly linked to the data leaks.
The settlement framework allocates larger payments to claimants who can provide documented proof of damages stemming from these incidents, particularly prioritizing those affected by the 2019 breach. Despite moving towards a settlement, AT&T continues to assert it is not responsible for the breaches.
Details about the settlements are still emerging. For information on recent settlements, including Apple’s Siri privacy settlement and details regarding how to file a claim, readers can find additional resources.
Analyzing AT&T’s Data Breaches
AT&T acknowledged two data breaches last year, starting with an investigation into the first incident in March and confirming its validity in May, followed by a confirmation of the second breach in July. The first breach dates back to 2019, affecting roughly 7.6 million current and 65.4 million former customers, exposing sensitive information including names, Social Security numbers, and birth dates, after customer data surfaced on dark web forums.
The second breach, occurring in April 2024, involved unauthorized access to AT&T’s cloud storage provider, Snowflake, compromising call and text records for about 109 million U.S. customers. While personal identifiers were not linked to this data, two individuals were arrested in connection with this incident. Both breaches have led to numerous class-action lawsuits alleging inadequate security measures by AT&T.
Eligibility for the AT&T Data Breach Settlement
As it stands, the settlement will extend to any current or former AT&T customer whose data was compromised in either breach, with a tiered payment system for those who can demonstrate direct damages. Affected individuals can expect notifications via email or postal mail in the coming months, with the claims process estimated to commence on August 4, 2025.
Anticipated Settlement Payments from AT&T
To qualify for higher payouts, claimants must reasonably substantiate damages due to the breaches. Those from the 2019 breach may receive up to $5,000, while the Snowflake breach could yield a maximum payment of $2,500. Details regarding customers affected by both breaches remain unclear at this time. Priority will be given to fulfilling these higher claim amounts first, with the remainder of the $177 million settlement allocated to those without proof unless the higher amounts have been fulfilled.
Timeline for Receiving Payments from the Settlement
AT&T anticipates that payments will start rolling out in early 2026. While precise dates have yet to be confirmed, the court-approved notification schedule will span from August 4 to October 17, 2025. Claims must be submitted by November 18, 2025, while a court hearing for final approval is set for December 3, 2025.
This article will be updated regularly as new information becomes available. For ongoing financial updates, consult CNET’s daily tariff price tracker.
