AT&T was hacked, and it has been reported to me that my SSN, address, and Name has been found on the Dark Web.

The hack originated from a third party vendor that AT&T used/uses and is not from AT&T itself. Why this particular vendor kept AT&T data for a long period of time is unclear. AT&T should have been more diligent with this vendor and how they protect a client's data but apparently they weren't. Storing a client's data for a long period of time could be the vendor's policy of which AT&T would have no control over. Regardless of the reason, AT&T and the vendor should have had better security in place.

There is no department that I am aware of that is specifically handling this. If you are not a current AT&T customer it's even more difficult. AT&T sent out emails to current customers who were affected by the data breach offering them a free year of total Experian protection. For a non-customer, you can try to file a complaint with the BBB and that will get forwarded to AT&T Upper Management which should generate a call from AT&T so you can discuss the issue directly with them. There's no guarantee that they can or will help but it's worth a try.

To be clear, AT&T didn't provide the data. It came from a third party vendor who stored the AT&T data.

Thanks for the feed back, I have filed a complaint with the Fed Trade Commission, and the US ATG office fraud division and will follow through as you suggest with the BBB.  The only thing I can add, would be that ultimately AT&T is responsible for the inter issue.  As I see it, I never offered any of my information to anyone but AT&T for the service provided.  If they had small print in place that they could share my information with a third party.  Their the entity that picked that party.  I have my own Id theft protection in place, I have also locked all 3 credit reports moving forward.  In short, AT&T needs to be held accountable, and with social media and so many collage students willing to work posting.  We should do just that, call them out.

@raulsv  The FTC will do nothing. Same for the ATG. Fraud was not committed unless someone has used your information to unlawfully purchase goods or use your information in any way without your permission. Keep in mind that most folks who use the internet for any length of time will have their information on the dark web. That is the nature of the internet now-a-days. Once on the dark web, it can never be removed. Having your SSN compromised is bad but the bad guys can still mess with your accounts by just having your name, address, and phone number. If you know what you're doing, you'd be surprised how much personal information can be had from just that and what can be done to someone.

What will AT&T do other than offer the one year free Experian to those customers that AT&T has contacted? Only AT&T knows that. AT&T is probably already being called out but most of us will never know what the outcome is unless they are forced to go public, which I doubt.

I was hacked and scammed and I had 14 malicious sites on my computer. I want to know if this could've happened from the ATT Breach. Someone needs to be held accountable for everything that I've gone through since April 24th. I've filed an FBI report, FTC besides looking for an attorney are there any other options.

I would say flood social media with your story.  I finely received a letter from AT&T offering me what I already have.

I have spent years building my score, and just as many fighting for my info to stay privet.  I even during the Bill Clinton administration offered a strong proposal to the US Government and Financial institutions to combat Credit fraud.   The most I received was a letter from Mr. Clinton and others that received the package was, a big that a boy.  Oh yeah, one thing was changed after my proposal.  At one time you could use anyone's credit card at the gas pump, until they canceled or reported lost.  As part of my proposal, I recommended adding a code to the use of any card just for that reason.   Then out of the clear blue or gray sky, everyone had to enter their zip code along with the card.  Yes, we have come a long way since then.  But as I reported to them, there was 500 mil dollars a year in credit card fraud alone.  Now we have the internet, with that comes the tool of calling foul.  Just be sure we can back up what we are saying would be my thinking on the subject.  Life is like a box of chocolate, you never know what you gonna get.

Hi @chercher79

We understand how inconvenient it is, Let's get the help you need.

For customers impacted, AT&T took precautionary measures and reset your passcode. In addition, if your information was impacted by this act, you should receive a letter from AT&T explaining the incident, what information was impacted, and what AT&T is doing in response. To learn more, visit www.att.com/accountsafety.

The Community Forums are a public support option where other users, and AT&T, will try and assist with high level support needs. This means we won’t be able to look into account specific concerns. To get the help you need for your unique issue, please review our Contact Us page- https://www.att.com/support/contact-us/, and choose the best option to reach out to us. You can call, chat, or reach out via social media, and we can review your specific issue and provide you support. If you feel your issue isn’t account specific, and can be answered generally, please let us know, and we’ll be happy to help.

Thank you for contacting AT&T Community Forums,
Maria, AT&T Community Specialist.

@chercher79

1. File a police report for identity theft.

2. File a fraud report with AT&T.

3. Notify your credit card companies.

4. Change all of your passwords on ALL of your accounts using strong passwords which are different from each other and use 2FA (two factor authorization if offered).

5. Dispute any charges that you don't recognize.

6. Start monitoring all of your accounts on a weekly basis for any suspicious activity.

7. Change your email to a new account and provider. Gmail is ok but I'd look for a separate email service for at least your important accounts.

Do this now and don't expect AT&T to take care of it because technically, it's your problem now not theirs. There is no way of knowing for sure how your information was picked up. It could have been the security breach from one of AT&T's vendors (the actual breach did not come from AT&T proper), or someplace else. The fact that you said you had 14 malicious sites on your computer indicates that your hacking was the result of something else. Unless you received a letter from AT&T or one of the credit agencies pointing the finger back to AT&T, it's unlikely that your issue is related to AT&T. An attorney will be a waste of money because it's doubtful that you'll be able to prove without a shadow of a doubt that your issue was caused by AT&T's vendor's breach.

Thank you for all of the info most it I have done and will do the others you mentioned.