Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Tom’s Guide
Tom’s Guide
Technology
Andy Sansom

AT&T breach victims need to take these 3 steps right now

AT&T 3g shutdown.

Telecom giant AT&T just admitted that almost all of its roughly 110 million customers have been the victims of a massive data breach

If you were a customer between May 2022 and January 2023 then there is a very high chance your data has been compromised with call and text message records accessed via an illegal download from a third-party cloud platform

Those who have been let down should look out for contact from AT&T or log into their account and look for a notification. But here's what you should do right now, from changing your password to investing in one of the best VPNs

1. Change your password 

(Image credit: Getty Images)

This really goes without saying. Your password has likely now been compromised and you should change it on both your AT&T account and anywhere else you use it. I know it's inconvenient but try and use a different password for each service. There are plenty of tools for creating secure randomly generated passwords, and you don't even need to remember them if you use one of the best password managers

Where possible you should also activate 2-factor authentication on your account (and any accounts that use the same password). Combining two methods of logging in together obviously creates a much more secure system. 

If possible given the nature of this leak, you probably should also look to change your cell phone number.

2. Prepare for scammers

(Image credit: Getty Images)

It's time to face the facts, you're probably going to get a few more spam calls for a while. That's not as big a deal as potential scammers. Be extra careful about giving anyone personal details such as banking information or your address over the phone, they could be cleverly disguised phishing schemes. 

You should also be extra vigilant online as even anonymous phone number information can be pieced together by scammers to identify individual people. Treat every email from an unfamiliar address as suspicious.

It's also wise to notify your bank that you have been the victim of this attack. They can keep an extra eye out for any suspicious transactions taken in your name and introduce new security measures to make you certain that you are contacting your bank and not an imposter in the future. 

3. Protect yourself 

(Image credit: Vertigo3d/Getty Images)

Changing your password is a start but there are further steps you can take to stay safe online. 

Using one of the best VPNs is a great way to protect your data online when browsing. Not only do they spoof the location of your IP address but they also securely encrypt your data. There are even free VPN plans like ProtonVPN

Many also include elements of antivirus. NordVPN for example has its Threat Protection Pro system, a great tool for fighting phishing. A Surfshark One subscription meanwhile includes dedicated antivirus software and Alternative ID, a feature that lets you sign up for services online with randomly generated details and now even a decoy phone number

With an Alternative ID, you can make accounts for less trustworthy services (or ones that are frequently attacked, like AT&T) with complete peace of mind. You can minimize any spam and sleep easy at night knowing that if your details get leaked then you've not actually been compromised. There's nothing for hackers to piece together, just disconnect that ID, re-roll another random identity and you're ready to go. 

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.