AT&T customers affected by two data security incidents can file claims from a $177 million settlement fund.
While the maximum payout is $7,500 for those with documented losses from both incidents, actual amounts will vary based on claim documentation and the total number of claimants.
The 2019 Data Incident
In March 2024, it was revealed that customer data from 2019 and earlier, affecting 73 million current and former AT&T customers, was found on the dark web.
The compromised information included Social Security numbers, full names, email addresses, phone numbers, and dates of birth. AT&T confirmed the breach on March 30, 2024, after initially denying the data’s source.
The 2022 Call Records Breach
Between April 14 and April 25, 2024, hackers accessed AT&T’s third-party cloud storage, Snowflake, stealing call and text records from nearly all customers from May 1 to October 31, 2022, along with some records from January 2, 2023.
AT&T announced the breach on July 12, 2024, after delays from the Justice Department for national security reasons.
Settlement Structure
A settlement has allocated $149 million for the 2019 data incident and $28 million for the 2022 call records breach.
Affected customers can claim up to $5,000 for the 2019 incident and up to $2,500 for the 2022 breach, with those impacted by both eligible to file claims in each category.
The Ransom Payment Controversy
In May 2024, AT&T reportedly paid approximately $370,000 in Bitcoin to a ShinyHunters hacker to delete stolen call records. The hacker initially demanded $1 million but accepted the lower amount.
While sources confirmed the payment, AT&T has not officially acknowledged it.
CEO Acknowledges Disappointment
During AT&T’s second-quarter earnings call, CEO John Stankey acknowledged criticism regarding the company’s performance and expressed disappointment in having to address these challenges.
He cited geopolitical dynamics as a key factor putting pressure on the company’s operations.
Congressional Security Concerns
Rep. Abigail Spanberger (D-VA) wrote to CEO Stankey expressing serious concerns about the national security risks of a recent data breach.
She noted that adversarial governments, like the Russian Kremlin and the Chinese Communist Party, could exploit the stolen information to trace phone numbers, revealing contacts and sensitive communication networks.
Legal Timeline
A number of lawsuits related to both breaches have been combined in the U.S. District Court for the Northern District of Texas. On June 20, 2025, Judge Ada E. Brown granted preliminary approval for a settlement.
The final approval hearing is set for December 3, 2025, at 9:00 a.m. CT.
Claims Process
Eligible customers will receive an email from “attsettlement@e.emailksa.com” with their class member ID for filing claims.
Claims can be submitted online at telecomdatasettlement.com or by mail and must be completed by November 18, 2025. Failure to meet this deadline will result in forfeiture of all compensation rights.
Documentation Requirements
To receive significant compensation, claimants must provide “reasonable documentation” of losses linked to the breaches, such as receipts for identity monitoring, fraud remediation costs, or evidence of identity theft.
Those without such documentation will likely receive smaller, pro-rata shares of the remaining settlement funds.
Attorney Fees and Costs
Class counsel will seek attorney fees totaling $49,666,666.67 for AT&T 1 Class Counsel and $9,333,333.33 for AT&T 2 Class Counsel, representing approximately one-third of their settlement funds.
Class representatives may receive service awards of up to $1,500 each. These costs will be deducted from the settlement funds before customer payouts.
Escalating FCC Penalties
The settlement comes amid mounting regulatory scrutiny. In September 2024, the FCC fined AT&T $13 million for a separate 2023 vendor data breach affecting 8.9 million customers.
“The Communications Act makes clear that carriers have a duty to protect the privacy and security of consumer data, and that responsibility takes on new meaning for digital age data breaches,” FCC Chairwoman Jessica Rosenworcel said.
ShinyHunters Criminal Profile
The ShinyHunters cybercriminal group has targeted multiple major companies through Snowflake cloud platform vulnerabilities. In addition to AT&T, the group has compromised Ticketmaster, Santander Bank, and other high-profile organizations.
Security researchers have linked the group to Russia and note their focus on exploiting third-party cloud vulnerabilities.
Industry Security Response
Following AT&T’s breaches, competitors have enhanced security measures. T-Mobile discontinued call log verification after Princeton University research identified vulnerabilities.
Verizon implemented enhanced biometric authentication through its MyVerizon app. The wireless industry has faced broader scrutiny, with the FCC fining AT&T, T-Mobile, Sprint, and Verizon $200 million collectively in 2024 for illegally selling customer location data.
Consumer Trust Decline
The breaches contribute to declining consumer trust in digital services. Thales’ 2025 Digital Trust Index found no sector reached above 50% consumer trust for data protection.
Banking remained the most trusted sector, but trust levels varied significantly by demographic groups, with older consumers showing higher trust than younger generations.
Generational and Regional Trust Gaps
The Thales survey revealed stark demographic differences in trust levels. Banking trust peaked at 51% among consumers over 55 but dropped to 32% among Gen Z (ages 16-24).
News media ranked lowest at only 3% consumer trust. Government organizations were the only sector where trust increased, rising from 37% to 42% between 2024 and 2025.
Enhanced FCC Vigilance
FCC Chairwoman Rosenworcel emphasized increased oversight following the AT&T incidents.
“Carriers must take additional precautions given their access to sensitive information, and we will remain vigilant in ensuring that’s the case no matter which provider a customer chooses,” she stated. The FCC indicated it will continue aggressive enforcement against data protection violations.
Expected Payout Reality
The settlement website warns that “the amount of money that will be available for Settlement Class Member Cash Payments is unknown at this time.”
Legal experts predict most eligible customers without documented losses will receive modest payments, potentially under $50, rather than the widely-reported maximum amounts due to the large number of expected claimants.
Payment Timeline
If the court grants final approval in December 2025, settlement payments will begin in early 2026.
AT&T stated it “agreed to settle to avoid the expense and uncertainty of protracted litigation” while denying liability. The company anticipates that final approval will conclude the matter without additional delays.
Industry Transformation
This settlement represents one of the largest telecom data breach payouts in U.S. history and signals a shift toward stricter corporate accountability for cybersecurity failures.
As digital threats evolve and regulatory penalties increase, telecommunications companies face mounting pressure to invest substantially in robust security measures or risk facing severe financial and reputational consequences that could reshape industry standards.