AT&T Company Cyber Security Posture
att.comWe understand that our customers want an easier, less complicated life. Weโre using our network, labs, products, services, and people to create a world where everything works together seamlessly, and life is better as a result. How will we continue to drive for this excellence in innovation? With you. Our people, and their passion to succeed, are at the heart of what we do. Today, weโre poised to connect millions of people with their world, delivering the human benefits of technology in ways that defy the imaginable. What are you dreaming of doing with your career? Find stories about our talent, career advice, opportunities, company news, and innovations here on LinkedIn. To learn more about joining AT&T, visit: http://www.att.jobs We provide in some of our posts links to articles or posts from third-party websites unaffiliated with AT&T. In doing so, AT&T is not adopting, endorsing or otherwise approving the content of those articles or posts. AT&T is providing this content for your information only.
AT&T Company Details
att
177261 employees
1552789.0
517
Telecommunications
att.com
674
AT&_1353905
In-progress
AT&T Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
AT&T Global Score.png)
AT&T Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
AT&T Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| AT&T | Cyber Attack | 100 | 6 | 08/2022 | ATT2145281022 | Link | |
Rankiteo Explanation : Attack threatening the economy of a geographical regionDescription: A cybersecurity firm intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million Americans. It corresponds to current and former customers of AT&T. It intercepted a 1.6 gigabyte compressed file on a popular dark web file-sharing site. The largest item in the archive is a 3.6 gigabyte file called โdbfull,โ and it contains 28.5 million records, including 22.8 million unique email addresses and 23 million unique SSNs. There are no passwords in the database. AT&T Internet is offered in 21 states and nearly all of the records in the database that contain a state designation corresponded to those 21 states; all other states made up just 1.64 percent of the records. The vast majority of records in this database belong to consumers, but almost 13,000 of the entries are for corporate entities. | |||||||
| AT&T | Breach | 100 | 4 | 01/2023 | ATT41910723 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: AT&T suffered from a data breach incident after vendor hack that exposed 9 million customers data. The information did not contain credit card information, Social Security Number, account passwords or other sensitive personal information. The compromised data includes customer first names, wireless account numbers, wireless phone numbers, and email addresses. Customer Exclusive Network According to AT&T, information from some wireless accounts, such as the number of lines on an account or wireless rate plan, was made public. | |||||||
| AT&T | Breach | 100 | 5 | 1/2025 | ATT000011825 | Link | |
Rankiteo Explanation : Attack threatening the organizationโs existenceDescription: The 'Salt Typhoon' hacking campaign compromised AT&T's telecommunications network, allowing unauthorized access to Americansโ phone calls, text messages, and law enforcement wiretap systems. This blatant exploitation of cybersecurity vulnerabilities led to severe consequences, exposing the personal and operational data to potential misuse by nation-state actors. The aftermath of the breach has prompted regulatory proposals to implement basic cyber defenses and enforce cyber risk-management planning to prevent such extensive breaches in the future. This incident highlights the stark need for higher cybersecurity standards within critical infrastructure sectors. | |||||||
| AT&T | Breach | 85 | 4 | 6/2025 | ATT344060525 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: A massive data breach at AT&T resulted in hackers leaking personal information of 86 million customers. The breach, initially posted on a Russian cybercrime forum on May 15, 2025, and re-uploaded on June 3, 2025, involved a dataset believed to be from a stolen AT&T database. The leaked information includes full names, dates of birth, phone numbers, email addresses, physical addresses, and Social Security numbers (SSNs), with 43,989,219 records containing SSNs. The SSNs and dates of birth, originally encrypted, have now been decrypted, significantly escalating the risk of identity theft, financial fraud, and social engineering attacks. | |||||||
AT&T Company Subsidiaries
We understand that our customers want an easier, less complicated life. Weโre using our network, labs, products, services, and people to create a world where everything works together seamlessly, and life is better as a result. How will we continue to drive for this excellence in innovation? With you. Our people, and their passion to succeed, are at the heart of what we do. Today, weโre poised to connect millions of people with their world, delivering the human benefits of technology in ways that defy the imaginable. What are you dreaming of doing with your career? Find stories about our talent, career advice, opportunities, company news, and innovations here on LinkedIn. To learn more about joining AT&T, visit: http://www.att.jobs We provide in some of our posts links to articles or posts from third-party websites unaffiliated with AT&T. In doing so, AT&T is not adopting, endorsing or otherwise approving the content of those articles or posts. AT&T is providing this content for your information only.
Access Data Using Our API
Get company history
Rapid.png)
AT&T Cyber Security News
AT&T and Palo Alto Networks Revolutionize Business Security
AT&T and Palo Alto Networks have signed a strategic agreement to provide secure connectivity solutions tailored to address the complex securityย ...
AT&T Cybersecurity Spin-Off LevelBlue Launches New Program To Transform Partners Into MSSPs: Exclusive
LevelBlue, one of the largest cybersecurity startups at its launch, according to the company, is introducing a new partner program to empowerย ...
Trustwave joins LevelBlue in major MSSP deal
The acquisition is a strategic move to build the largest independent, pure-play managed security services provider (MSSP) in the industry.
Judge approves AT&Tโs $177M data breach settlement
The settlement, which has received preliminary clearance, now awaits a December hearing for final approval. Published June 25, 2025.
Cantwell demands answers from AT&T, Verizon over Chinese Salt Typhoon breach
U.S. Senator Maria Cantwell is demanding answers by June 26 from AT&T and Verizon following the Chinese-linked 'Salt Typhoon' cyber operation.
AT&T's $177M Data Breach Settlement: A Wake-Up Call for Telecom Cybersecurity Spending?
AT&T's $177 million settlementโfinalized in June 2025 to resolve lawsuits stemming from a 2024 data breach affecting over 100 million customersโย ...
LevelBlue to acquire Trustwave in push to expand managed cybersecurity capabilities
Managed cybersecurity company LevelBlue Inc. today announced that it has signed a deal to acquire managed detection and response companyย ...
AT&T Customers Issued Security Warning: 'Take Action'
A security expert at McAfee has warned that AT&T customers could be at risk of losing their personal information to identity theft.
LevelBlue bolsters cyber defense with Trustwave deal
LevelBlue, formerly known as AT&T Cybersecurity, has announced its acquisition of managed detection and response firm Trustwave Holdings inย ...
AT&T Similar Companies
Idea Cellular Ltd
Idea Cellular is an Aditya Birla Group Company, India's first truly multinational corporation. Idea is a pan-India integrated GSM operator offering 2G and 3G services, and has its own NLD and ILD operations, and ISP license. With revenue in excess of $4 billion; revenue market share of 18%; and subs
Jazz
Pakistanโs number one digital operator and the largest internet and broadband service provider with over 70 million subscribers nationwide. With a legacy of more than 27 years, Jazz maintains market leadership through cutting-edge, integrated technology, the strongest brands and the largest portfoli
ethio telecom
We are Africaโรรดs pioneering telecom company with more than 130 years of immense experience. Today, here we are standing bold and BIG yet for another golden milestone leading Ethiopia and Ethiopians towards a bright future. We are always on the front line to streamline the overall effort of our peop
A1 Telekom Austria Group
WE ARE EMPOWERING DIGITAL LIFE We don't know how the world will look like in 2050, but we know that A1 Telekom Austria Group is geared up for current and future demands. We are a leading provider of digital services and communications solutions in Central and Eastern Europe, offering a state-of-th
Beltelecom
The Republican Unitary Enterprise Beltelecom is the leading telecommunication company with a long history, the personnel of which provides and develops communication technologies important for the state, society, private and corporate customers. In its activities, the company focuses on the active p
Orascom Telecom
Orascom Telecom is a leading international telecommunications company operating GSM networks in high growth markets in the Middle East, Africa and Asia, having a total population under license of approximately 510 million with an average mobile telephony penetration of approximately 49% as of Decemb
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
AT&T CyberSecurity History Information
How many cyber incidents has AT&T faced?
Total Incidents: According to Rankiteo, AT&T has faced 4 incidents in the past.
What types of cybersecurity incidents have occurred at AT&T?
Incident Types: The types of cybersecurity incidents that have occurred incidents Breach and Cyber Attack.
Incident Details
Can you provide details on each incident?
Incident : Data Breach
Title: AT&T Data Breach
Description: A massive data breach involving AT&T, with hackers allegedly leaking personal information of 86 million customers.
Date Detected: 2025-05-15
Date Publicly Disclosed: 2025-06-03
Type: Data Breach
Threat Actor: ShinyHunters
Motivation: Data Theft
Incident : Hacking Campaign
Title: Salt Typhoon Hacking Campaign
Description: The 'Salt Typhoon' hacking campaign compromised AT&T's telecommunications network, allowing unauthorized access to Americansโ phone calls, text messages, and law enforcement wiretap systems. This blatant exploitation of cybersecurity vulnerabilities led to severe consequences, exposing the personal and operational data to potential misuse by nation-state actors. The aftermath of the breach has prompted regulatory proposals to implement basic cyber defenses and enforce cyber risk-management planning to prevent such extensive breaches in the future. This incident highlights the stark need for higher cybersecurity standards within critical infrastructure sectors.
Type: Hacking Campaign
Threat Actor: Nation-state actors
Incident : Data Breach
Title: AT&T Data Breach Incident
Description: AT&T suffered from a data breach incident after a vendor hack that exposed 9 million customers' data. The compromised data includes customer first names, wireless account numbers, wireless phone numbers, and email addresses. Information from some wireless accounts, such as the number of lines on an account or wireless rate plan, was made public. The information did not contain credit card information, Social Security Number, account passwords or other sensitive personal information.
Type: Data Breach
Attack Vector: Vendor Hack
Incident : Data Breach
Title: Data Breach of AT&T Customer Information
Description: A cybersecurity firm intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million Americans corresponding to current and former customers of AT&T.
Type: Data Breach
Attack Vector: Dark Web File-Sharing Site
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Dark Web File-Sharing Site.
Impact of the Incidents
What was the impact of each incident?
Incident : Data Breach ATT344060525
Data Compromised: Full names, Dates of birth, Phone numbers, Email addresses, Physical addresses, Social Security numbers (SSNs)
Identity Theft Risk: High
Incident : Hacking Campaign ATT000011825
Data Compromised: phone calls, text messages, law enforcement wiretap systems
Incident : Data Breach ATT41910723
Data Compromised: customer first names, wireless account numbers, wireless phone numbers, email addresses, number of lines on an account, wireless rate plan
Incident : Data Breach ATT2145281022
Data Compromised: names, addresses, email addresses, phone numbers, Social Security Numbers, dates of birth
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Full names, Dates of birth, Phone numbers, Email addresses, Physical addresses, Social Security numbers (SSNs), phone calls, text messages, law enforcement wiretap systems, customer first names, wireless account numbers, wireless phone numbers, email addresses, number of lines on an account, wireless rate plan, names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth.
Which entities were affected by each incident?
Incident : Data Breach ATT344060525
Entity Type: Telecommunications
Industry: Telecommunications
Customers Affected: 86,017,090
Incident : Hacking Campaign ATT000011825
Entity Type: Telecommunications Company
Industry: Telecommunications
Incident : Data Breach ATT41910723
Entity Type: Telecommunications Company
Industry: Telecommunications
Customers Affected: 9 million
Incident : Data Breach ATT2145281022
Entity Type: Telecommunications Company
Industry: Telecommunications
Location: 21 states in the US
Customers Affected: 23 million
Data Breach Information
What type of data was compromised in each breach?
Incident : Data Breach ATT344060525
Type of Data Compromised: Full names, Dates of birth, Phone numbers, Email addresses, Physical addresses, Social Security numbers (SSNs)
Number of Records Exposed: 86,017,090
Sensitivity of Data: High
Data Exfiltration: True
Personally Identifiable Information: True
Incident : Hacking Campaign ATT000011825
Type of Data Compromised: phone calls, text messages, law enforcement wiretap systems
Incident : Data Breach ATT41910723
Type of Data Compromised: customer first names, wireless account numbers, wireless phone numbers, email addresses, number of lines on an account, wireless rate plan
Number of Records Exposed: 9 million
Sensitivity of Data: Low
Personally Identifiable Information: customer first names, wireless phone numbers, email addresses
Incident : Data Breach ATT2145281022
Type of Data Compromised: names, addresses, email addresses, phone numbers, Social Security Numbers, dates of birth
Number of Records Exposed: 28.5 million
Sensitivity of Data: High
Data Exfiltration: Yes
File Types Exposed: dbfull
Personally Identifiable Information: Yes
Lessons Learned and Recommendations
What lessons were learned from each incident?
Incident : Hacking Campaign ATT000011825
Lessons Learned: The need for higher cybersecurity standards within critical infrastructure sectors.
What recommendations were made to prevent future incidents?
Incident : Hacking Campaign ATT000011825
Recommendations: Implement basic cyber defenses and enforce cyber risk-management planning.
What are the key lessons learned from past incidents?
Key Lessons Learned: The key lessons learned from past incidents are The need for higher cybersecurity standards within critical infrastructure sectors.
What recommendations has the company implemented to improve cybersecurity?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Implement basic cyber defenses and enforce cyber risk-management planning..
References
Where can I find more information about each incident?
Incident : Data Breach ATT344060525
Source: AT&T Data Breach
Where can stakeholders find additional resources on cybersecurity best practices?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: AT&T Data Breach.
Initial Access Broker
How did the initial access broker gain entry for each incident?
Incident : Data Breach ATT2145281022
Entry Point: Dark Web File-Sharing Site
Additional Questions
General Information
Who was the attacking group in the last incident?
Last Attacking Group: The attacking group in the last incident were an ShinyHunters and Nation-state actors.
Incident Details
What was the most recent incident detected?
Most Recent Incident Detected: The most recent incident detected was on 2025-05-15.
What was the most recent incident publicly disclosed?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-06-03.
Impact of the Incidents
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were Full names, Dates of birth, Phone numbers, Email addresses, Physical addresses, Social Security numbers (SSNs), phone calls, text messages, law enforcement wiretap systems, customer first names, wireless account numbers, wireless phone numbers, email addresses, number of lines on an account, wireless rate plan, names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Full names, Dates of birth, Phone numbers, Email addresses, Physical addresses, Social Security numbers (SSNs), phone calls, text messages, law enforcement wiretap systems, customer first names, wireless account numbers, wireless phone numbers, email addresses, number of lines on an account, wireless rate plan, names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth.
What was the number of records exposed in the most significant breach?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 123.5M.
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was The need for higher cybersecurity standards within critical infrastructure sectors.
What was the most significant recommendation implemented to improve cybersecurity?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Implement basic cyber defenses and enforce cyber risk-management planning..
References
What is the most recent source of information about an incident?
Most Recent Source: The most recent source of information about an incident is AT&T Data Breach.
Initial Access Broker
What was the most recent entry point used by an initial access broker?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Dark Web File-Sharing Site.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
