How do I check if my AT&T data was exposed in the breach?

You can check whether your personal information was exposed using free tools like Have I Been Pwned (haveibeenpwned.com). If you were an AT&T customer between 2019 and July 2024, your data may have been included in one or both breaches. AT&T previously notified affected customers by email or letter.

How much will AT&T settlement checks be in 2026?

Payouts vary by breach and tier. The maximum is $5,000 for the first breach (with documented losses), $2,500 for the second breach, and up to $7,500 for customers affected by both breaches. Customers who filed without documentation will receive a pro rata share of the settlement fund after fees and costs.

What should I do to protect myself after the AT&T data breach?

Place a credit freeze with Equifax, Experian, and TransUnion. Enable multi-factor authentication on all accounts. Add a PIN or passcode to your mobile carrier account to prevent SIM-swap attacks. Monitor your credit reports for unauthorized activity. Be cautious of unsolicited emails, texts, or calls claiming to be from AT&T. File your taxes early to prevent fraudulent tax returns using your stolen SSN.

AT&T Data Breach 2026 Update: 176 Million Records Resurface on Dark Web With Decrypted Social Security Numbers

Q: Was there a new AT&T data breach in 2026?

There was not a new breach. On February 2, 2026, a dataset of approximately 176 million AT&T customer records from the original 2024 data breaches resurfaced on the dark web. The data has been cleaned, enriched, and repackaged with previously encrypted Social Security numbers now fully decrypted.

Q: Can I still file a claim for the AT&T data breach settlement?

No. The deadline to file a claim in the $177 million AT&T data breach class action settlement was December 18, 2025. The settlement is no longer accepting new claims. The court held its final approval hearing on January 15, 2026, and payments to eligible claimants are expected in spring 2026.

AT&T Data Breach 2026 — 176 Million Customer Records Resurface on Dark Web

Steve Levine | Updated: February 15, 2026

AT&T Settlement Status: Claim Deadline Passed — Payments Expected Spring 2026

$177 Million Settlement: View Full Settlement Details

AT&T Breach Data Resurfaces in February 2026 With 176 Million Customer Records

A dataset containing approximately 176 million AT&T customer records began circulating among cybercriminals on February 2, 2026, according to a report from Malwarebytes. This is not a new AT&T data breach. The data originates from the same two major AT&T data breaches disclosed in 2024, but it has since been cleaned, enriched, and repackaged into a more complete and dangerous form than what was originally exposed.

What makes this development particularly alarming is that Social Security numbers that were previously encrypted in earlier versions of the leaked data are now reported to be fully decrypted. According to Security Boulevard, all 148 million SSNs in the dataset are now available in plain text, making the data significantly more actionable for identity thieves than when it first appeared.

What AT&T Customer Data Was Exposed in the 176 Million Record Dataset?

The resurfaced dataset reportedly includes up to 148 million Social Security numbers in full and partial form (now decrypted), more than 133 million full names and street addresses, more than 132 million phone numbers, dates of birth for approximately 75 million individuals, and more than 131 million email addresses.

When this data was first leaked in 2024, some of it was encrypted or incomplete. The February 2026 version represents a consolidated and enhanced dataset where criminals have merged records, filled in gaps, and cracked previously encrypted fields. For any current or former AT&T customer, this means their personal information is now more complete and more easily searchable than at any previous point since the original breaches.

Why Resurfaced AT&T Breach Data Is More Dangerous in 2026 Than in 2024

Breach data does not lose value over time. It tends to grow more dangerous as criminals combine stolen records from multiple sources into richer profiles. In this case, the AT&T dataset has evolved from scattered data points into what security researchers describe as complete identity profiles where a single lookup can reveal a person's full name, home address, phone number, email address, Social Security number, and date of birth all in one place.

That combination is exactly what financial institutions, mobile carriers, and government agencies still rely on for identity verification. With this level of detail, criminals can craft targeted AT&T-themed phishing emails and texts using correct names and partial SSNs to appear legitimate, execute SIM-swap attacks by calling carriers with the exact answers call center agents expect, open fraudulent credit cards and loans using stolen SSNs and dates of birth, file fraudulent tax returns before victims file their own, and take over existing bank accounts, email accounts, and mobile carrier accounts.

The risk is especially high because many people affected by the original 2024 AT&T breaches may not have taken protective steps at the time, believing the encrypted data was less of a concern. Now that the encryption has been broken, those customers face the full impact of having their most sensitive personal information available to anyone willing to pay for it.

AT&T Data Breach Settlement Update 2026: When Will Checks Be Mailed?

The resurfaced data originates from the same two AT&T data breach incidents covered by the $177 million AT&T data breach class action settlement.

The first breach, announced March 30, 2024, exposed personal information including names, addresses, Social Security numbers, dates of birth, and account passcodes for approximately 73 million current and former AT&T customers. The data originated from 2019 or earlier.

The second breach, announced July 12, 2024, involved call and text metadata for nearly 109 million customers that was illegally downloaded from an AT&T workspace on a third-party cloud platform hosted by Snowflake. This data covered interactions from May through October 2022 and a small subset from January 2, 2023.

The deadline to file a claim in the AT&T data breach settlement was December 18, 2025. The settlement is no longer accepting new claims. The official settlement website confirms that the court held its final approval hearing on January 15, 2026 at 9:00 a.m. CT. AT&T settlement payments are expected to begin in early to mid-2026 once the judge grants final approval and the settlement administrator completes its review of all valid claims.

Customers affected by the first breach may receive up to $5,000 with documented losses. Customers affected by the second breach may receive up to $2,500. Customers affected by both breaches could receive up to $7,500 total. Customers who filed claims without documentation will receive a pro rata share of the remaining settlement funds after administrative costs and attorney fees.

How to Check if Your AT&T Data Was Exposed in the Breach

If you were an AT&T customer at any point between 2019 and July 2024, your data may have been included in one or both of the breaches that make up this resurfaced dataset. AT&T previously sent notifications to affected customers by email and physical mail beginning in August 2025 through October 2025. If you did not receive a notice, you can contact the settlement administrator at the official AT&T Data Incident Settlement website.

You can also check whether your personal information has been exposed in known data breaches using free tools such as Have I Been Pwned. Even if you are no longer an AT&T customer, your historical data may still be part of this circulating dataset.

How to Protect Yourself After the AT&T Data Breach in 2026

Whether or not you filed a claim in the AT&T settlement, the fact that this data is now actively circulating in a more complete form means every current and former AT&T customer should take protective action. The following steps are recommended by the FTC and cybersecurity experts.

Place a credit freeze with all three major credit bureaus. Contact Equifax, Experian, and TransUnion to freeze your credit. This prevents anyone from opening new credit accounts in your name using your stolen SSN. Credit freezes are free and can be temporarily lifted when you need to apply for credit.

Enable multi-factor authentication on all accounts, especially financial accounts, email, and your mobile carrier account. Use authentication apps or hardware security keys rather than SMS-based two-factor authentication, which can be bypassed through SIM-swap attacks.

Add a PIN or passcode to your mobile carrier account. Contact AT&T or your current carrier to set up a port-out PIN that prevents someone from transferring your phone number to a new SIM card without your authorization.

Monitor your credit reports regularly for unauthorized accounts or hard inquiries. You can access free credit reports at AnnualCreditReport.com.

File your taxes early. Tax refund fraud is one of the most common uses of stolen Social Security numbers. Filing your return as early as possible reduces the chance that a criminal can file a fraudulent return in your name before you do.

Be cautious of phishing attempts. With accurate personal details now available to criminals, phishing emails and text messages impersonating AT&T or financial institutions may be highly convincing. Do not click links in unsolicited messages claiming to be related to AT&T or the settlement. Always verify by going directly to att.com or the official settlement website.

Consider identity theft monitoring services. While the AT&T settlement offered limited free credit monitoring, standalone services can provide ongoing dark web monitoring, fraud alerts, and identity recovery assistance.

Report suspected identity theft to the FTC at IdentityTheft.gov, which provides personalized recovery plans and pre-filled letters to send to creditors and bureaus.

Frequently Asked Questions About the AT&T Data Breach 2026

Was there a new AT&T data breach in 2026?

No. The dataset circulating as of February 2, 2026 is not from a new breach. It contains data from the two AT&T data breaches originally disclosed in 2024 that has been cleaned up, merged, and had previously encrypted fields such as Social Security numbers fully decrypted by criminals.

Can I still file a claim for the AT&T data breach settlement?

No. The claim deadline was December 18, 2025 and has passed. The settlement is no longer accepting new claims. The settlement website notes that late claim forms can be downloaded and mailed, but acceptance is not guaranteed.

When will AT&T settlement checks be mailed in 2026?

The court held its final approval hearing on January 15, 2026. Settlement payments cannot be issued until the judge grants final approval and the claims administrator finishes reviewing all submitted claims. Based on prior statements, AT&T settlement payments are expected to begin in early to mid-2026, though exact dates have not been confirmed.

How much will I receive from the AT&T data breach settlement?

Payment amounts depend on which breach affected you and whether you submitted documented losses. The maximum is $5,000 for the first breach (Tier 1 with SSN exposure gets five times more than Tier 2), $2,500 for the second breach, and up to $7,500 for customers affected by both. Final amounts will depend on the total number of valid claims and deductions for administrative costs and attorney fees.

How do I check if my Social Security number was in the AT&T breach?

AT&T notified affected customers by email and mail. You can also check the official settlement website using your notice ID, or use free breach notification services like Have I Been Pwned to check if your email was included in known AT&T breach datasets.

What should I do if I missed the AT&T settlement claim deadline?

Even though the claim window is closed, you should still take steps to protect yourself. Place credit freezes, enable multi-factor authentication, set up a carrier PIN, monitor your credit, and file your taxes early. The resurfaced data means the risk of identity theft remains active regardless of whether you filed a claim.