AT&T is set to resolve two significant data breaches that led to a class action lawsuit by compensating $177 million. The telecom company reached this settlement to avoid going to trial, which has received preliminary approval from a Texas judge as of August.
Individuals affected by these breaches may be eligible to claim up to $7,500. A dedicated settlement website managed by Kroll, the risk and financial advisory firm overseeing the agreement, is now operational for potential claimants.
The class action lawsuit stems from two distinct breaches, one occurring in 2019 and the other in 2024. The 2019 incident was not disclosed by AT&T until 2024, revealing that data had been compromised and was being sold on the dark web. This breach affected the personal information of over 73 million customers, including sensitive details such as Social Security numbers, legal names, and birthdates. In response, AT&T had to reset the passcodes for millions of accounts.
In the 2024 breach, hackers accessed data held in AT&T’s cloud-based data warehouse, Snowflake, affecting an estimated 109 million customers. The stolen information predominantly involved calling data, including mobile and landline numbers, call and text records, and various identifiers that could assist in revealing customer identities.
Initially filed as separate lawsuits, the cases were consolidated into one class action suit. The settlement indicates that the parties involved have settled “in their entirety without any admission of liability or wrongdoing,” according to the information available on the settlement website.
The funds from the settlement will be distributed across two classes: the “AT&T 1 Settlement Class” for the 2019 breach, which will allocate $149 million, and the “AT&T 2 Settlement Class” for the 2024 incident, with $28 million designated.
Eligible claimants should keep an eye on their emails, including the spam folder, as Kroll will reach out to them. Those who believe they qualify but have not received any communication can initiate contact by calling (833) 890-4930 or writing to Kroll’s designated settlement address.
Claims can be filed online on the Kroll website or through traditional mail using the provided address. Claimants will need their Class Member ID to submit a claim, which Kroll will provide upon communication. Individuals can print the claim form to mail if they prefer not to submit online. Claims must be submitted or postmarked by December 18, 2025.
For those affected by the 2019 breach, documented financial losses due to the breach will qualify them for compensation of up to $5,000, while individuals impacted by the 2024 breach may obtain up to $2,500. If claimants cannot demonstrate direct financial loss but still qualify, they will receive a pro rata share based on the total claims made.
This settlement not only provides compensation for those impacted but also highlights the importance of data security within large corporations. As such incidents underscore the vulnerabilities in data handling, this resolution can serve as a pivotal moment for increased vigilance and improved security practices within the telecom industry.