UPDATE A U.S. judge granted preliminary approval on Friday to a $177-million settlement that resolves lawsuits against AT&T (NYSE: T) over breaches in 2024, that exposed personal information belonging to tens of millions of the telecom company’s customers. U.S. District Judge Ada Brown in Dallas said in a ruling that the class-action settlement was fair and reasonable, according to Reuters.
The deal resolves claims over data breaches that AT&T announced in May and July last year. Depending on which breach is involved, AT&T has agreed to pay up to $2,500 or $5,000 to wireless customers who suffered losses that are “fairly traceable” to the incidents. After payments are made for direct losses, the remaining funds will be distributed to customers whose personal information was accessed.
AT&T said it denied allegations it was “responsible for these criminal acts. We have agreed to this settlement to avoid the expense and uncertainty of protracted litigation.”
The carrier anticipates the settlement will be approved by the end of 2025, with settlement payments to be issued early next year, Reuters reports.
One of the incidents resulted in the illegal downloading of about 190 million wireless customer accounts. AT&T disclosed that its call logs were copied from its workspace on a Snowflake cloud platform covering about six months of customer call and text data from 2022, from nearly all its customers, Inside Towers reported.
In March 2024, AT&T said it was investigating a data set released on the “dark web” and said its preliminary analysis showed it affected approximately 7.6 million current account holders and 65.4 million former account holders. The company said the data set appeared to be from 2019 or earlier.
The FCC is also investigating. In September, AT&T agreed to pay $13 million to resolve a Commission investigation over a data breach of a cloud vendor in January 2023 that impacted 8.9 million AT&T wireless customers, Inside Towers reported. The FCC said the data exposed in 2023 covered customers from 2015 through 2017 that should have been deleted in 2017 or 2018.
By Leslie Stimson, Inside Towers Washington Bureau Chief
Reader Interactions