I just got the letter, but safari/adaware blocked the domain (att-mail.com) as a blocked link/domain.

I received the same email and I have the same question as @hcabello (above). Unfortunately, @CalebP did not answer the question which is this: is the email, purportedly from AT&T, regarding a breach of a vendor's system and access to CPNI, a legitimate message from AT&T?

I received the same email and don't see any notices in my actual ATT portal.  I'm figuring it as a scam.

Notice the actual website domain when you hover over the "extra security" link, it shows as message.att-mail.com at the bottom left of the browser window.   Use this same technique when you suspect other scams.

Just got another letter as well today.

Notice Regarding Customer Proprietary Network Information (CPNI) – Wireless Account Ending in XXXX

Dear :

AT&T's commitment to customer privacy and data security is a top priority. We recently determined that an unauthorized person breached a vendor's system and gained access to your "Customer Proprietary Network Information" (CPNI). In our industry, CPNI is information related to the telecommunications services you purchase from us, such as the number of lines on your account or the wireless plan to which you are subscribed. However, please rest assured that no sensitive personal or financial information such as Social Security number or credit card information was accessed.

To address this issue, the following steps have been taken:

• We confirmed with the vendor that the vulnerability has been fixed.
• We have notified federal law enforcement about the unauthorized access of your CPNI as required by the Federal Communications Commission. Our report to law enforcement does not contain specific information about your account, only that the unauthorized access occurred.

If you have an existing account with AT&T, you may want to consider adding our "extra security" password protection to the account at no cost. You can learn more at https://www.att.com/support/article/my-account/KM1051397/

Please accept our apology for this incident. If you have further questions, you may visit: https://att.com/data-event/login You will be prompted for your myAT&T login credentials, and if you do not have a myAT&T profile, you can create one using your account information.

Thank you,

AT&T

Just chatted w/ someone at AT&T and they confirmed is a scam.  They don't send out emails from that domain. 

It's not a scam. There is nothing malicious in the email, the links are valid, and everything points to this coming from AT&T. 

I just received one of these letters earlier this week. I've read through several threads and still cannot determine if this is an official notice from AT&T or a scam. Can anyone provide a clear answer? 

@ATTTimCS Please, have the notification sent to our portals in addition to the email, this would have avoided much of the confusion.

Thanks,

--IanM

Please, have the notification sent to our portals in addition to the email, this would have avoided much of the confusion.

What portals?

Just chatted w/ someone at AT&T and they confirmed is a scam.  They don't send out emails from that domain. 

Then whoever you chatted with is wrong.  What "that" domain?  ATT-MAIL.COM is easily verified as belonging to AT&T.