Data incident at a vendor

Customer Proprietary Network Information (CPNI) is info about the telecom services you receive from us (like your plan name or number of lines). It doesn’t include sensitive personal or financial details.

The vendor determined the incident happened late last year.

Impacted info may have included your name, address, wireless phone number, email address, plan name, number of lines, or device identifiers (such as IMEI).

Only a small percentage of AT&T customers were affected. Notices are being sent to impacted customers by email, text, or postal mail under our standard notification process.

No. The files were the vendor’s stored business records. AT&T systems and databases weren’t accessed.

AT&T accounts

We protect accounts from fraud as a standard practice, and no extra action is required of you at this time. If you'd like additional peace of mind, you can:

AT&T Business accounts

Use Business Account Lock through your account portal.

We know trust matters when it comes to your information. We take that responsibility seriously and continue to strengthen our protections to help keep you safe.

Good to know: You should always be cautious of unexpected calls, texts, or emails asking for account details. Plus, don’t share passwords, passcodes, or one-time PINs.