AT&T wins court approval to pay $177 million settlement over data breaches
There were two data breaches announced by AT&T last year with one revealed in May and the other in July. Depending on the breach involved, an AT&T customer who can show that they suffered losses “fairly traceable” to the breaches will receive a payment up to $2,500 or a payment up to $5,000. After paying off those who were victimized by direct losses, smaller payments will go out to those whose personal information was accessed in the data breaches.
Despite agreeing to the settlements, AT&T made it clear that it believes it was not at fault denying that it was “responsible for these criminal acts.” The carrier claims, “We have agreed to this settlement to avoid the expense and uncertainty of protracted litigation.” AT&T expects final approval of the settlement to come late in 2025 with settlement payments expected to start arriving early in 2026.
The FCC is also doing detective work trying to find out why, in 2023, an AT&T cloud vendor whose contract expired a few years before, was the subject of a data breach allowing 8.9 million customers to have their data exposed. This data was supposed to have been deleted prior to the data breach. Luckily, the vendor was not responsible for storing very sensitive data and most of the information exposed was AT&T customers’ bill balances. This data covered customers who were with AT&T from 2015 through 2017 and the data should have been deleted in 2017 or 2018.
To settle this incident, AT&T paid a $13 million fine imposed on it by the FCC.
