AT&T Settles Over Data Breaches
NEW YORK — AT&T has finalized a $177 million settlement in relation to two significant data breaches, and consumers affected by this issue have just over a month to file a claim for compensation.
Following the breaches that occurred last year, numerous lawsuits surfaced throughout the U.S., which were later combined. AT&T had informed millions of its customers that sensitive data, including Social Security numbers and call records, had been compromised. Plaintiffs alleged that AT&T “repeatedly failed” to secure consumer data, although the company has consistently denied any wrongdoing. They decided to settle earlier this year to avoid the potential costs and uncertainties of ongoing litigation.
“We have agreed to this settlement to avoid the expense and uncertainty of protracted litigation,” an AT&T representative mentioned in a statement. They emphasized their dedication to protecting customer data and maintaining trust.
Consumers eligible for the settlement have until December 18 to file their claims, although the final approval from a judge is still pending early next year. Here are some essential details regarding the situation.
What Data Breaches Are Included?
The settlement addresses two separate breaches, both disclosed in 2024, affecting data from millions of AT&T customers dating back to 2019 or even earlier. The first breach was reported in March 2024. AT&T revealed that customer information from 2019 or earlier had appeared on the “dark web” weeks prior. At that time, they noted that about 7.6 million current and 65.4 million former account holders were affected, with some sensitive data, like Social Security numbers and passcodes, exposed.
The second breach involved call and text records for nearly all AT&T customers from May to October 2022 and a smaller portion from January 2, 2023. AT&T discovered that this data had been “illegally downloaded from our workspace on a third-party cloud platform” in April 2024 and began alerting customers about it in July after investigations began. They clarified that while phone numbers were exposed, content from calls or texts, as well as other personally identifiable information, was not disclosed.
These breaches led to multiple lawsuits, which ultimately merged into the settlement reached in a U.S. District Court in Texas earlier this year.
Potential Payouts for Customers
The settlement pot totals $177 million, distributing $149 million to the first category of claimants and an additional $28 million to the second category, as detailed in a preliminary approval order from June. Customers affected by the first breach could receive up to $5,000, while those impacted by the second might be eligible for up to $2,500. There’s also an option for some to qualify for both funds.
The actual amounts each person receives will depend on their documented losses, the total number of claims submitted, and other associated costs like attorney fees. The court is set to conduct a hearing for final approval on January 15, 2026.
Claim Filing Deadline
Consumers have until December 18 to file claims, either online or through the mail. For further information, the settlement administrator’s website, Kroll Settlement Administration, provides additional resources. Class members also have the option to opt-out or file objections by November 17.





