110 Million AT&T Customers Have 11 Days Left To Claim Up To $7,500—Here’s How

Tens of millions of AT&T customers have just over a week to claim their share of a $177 million settlement stemming from two massive data breaches the telecom giant disclosed last year. The deadline to file is December 18.

The settlement, which received preliminary court approval in June 2025, resolves a consolidated class action lawsuit arising from breaches that exposed the personal information of roughly 73 million customers in one incident and the call records of nearly all 110 million AT&T wireless subscribers in another. If you were an AT&T customer between 2019 and October 2022, there’s a reasonable chance your data was compromised in at least one of these incidents.

The first breach, announced by AT&T on March 30, 2024, involved customer data that appeared on the dark web. The company said it contained information from 2019 or earlier, affecting approximately 7.6 million current account holders and 65.4 million former customers. That data included sensitive fields: names, addresses, phone numbers, Social Security numbers, dates of birth, and account passcodes.

The second breach proved even more sweeping in scope. In a July 12, 2024, SEC filing, AT&T disclosed that hackers had stolen call and text message metadata for “nearly all” of its wireless customers.

The data covered interactions from May 1 through October 31, 2022, plus a single day in January 2023. The stolen records didn’t include the content of calls or texts, but they did reveal who called whom, when, how often, and for how long. For some customers, cell tower data that could approximate their location was also taken.

That breach traced back to Snowflake Inc., a cloud data warehousing platform AT&T used to store customer information. According to Mandiant, the Google-owned cybersecurity firm that investigated the incident, attackers used credentials stolen through infostealer malware to access customer environments that lacked multi-factor authentication. More than 160 Snowflake customer environments were potentially compromised in the campaign, including those of Ticketmaster, Santander Bank, and Advance Auto Parts.

The national security implications of the AT&T breach were significant enough that the U.S. Department of Justice asked the company to delay public disclosure—twice. According to AT&T’s SEC filing, the DOJ determined on May 9, 2024, and again on June 5, that disclosure could pose risks to national security and public safety. This appears to be the first instance of a company receiving such a delay under the SEC’s cybersecurity disclosure rules, which took effect in December 2023.

According to Wired and SecurityWeek, AT&T paid approximately $370,000 in Bitcoin to a hacker affiliated with the ShinyHunters group in exchange for a video showing the stolen data being deleted. AT&T has declined to comment on the reported ransom payment. Security experts have long warned that paying ransoms provides no guarantee that stolen data has actually been destroyed.

Two individuals have been charged in connection with the Snowflake attacks. John Erin Binns, a 24-year-old American previously indicted for the 2021 T-Mobile breach, was arrested in Turkey in May 2024. Connor Riley Moucka, 25, was arrested in Canada in October 2024. According to a Department of Justice indictment, the pair allegedly accessed “billions of sensitive customer records” and extorted at least $2.5 million from victims.

The settlement divides the $177 million into two funds: $149 million for customers affected by the first breach and $28 million for those affected by the second. Customers who can document financial losses “fairly traceable” to the breaches may claim up to $5,000 for the first incident and up to $2,500 for the second—a potential maximum of $7,500 for those affected by both.

Customers without documented losses can still claim a pro-rata share of the remaining settlement funds after attorneys’ fees and administrative costs. Class counsel is seeking up to one-third of each settlement fund in fees—roughly $49.7 million and $9.3 million, respectively.

AT&T continues to deny wrongdoing. In a statement, the company said it agreed to settle “to avoid the expense and uncertainty of protracted litigation” and remains “committed to protecting our customers’ data.”

The final approval hearing is scheduled for January 15, 2026. If approved without appeals, payments could begin within 90 days—likely by April 2026.

To file a claim, visit TelecomDataSettlement.com. The deadline is December 18. You can also call 833-890-4930 with questions. Eligible customers should have received email notices from attsettlement@e.emailksa.com.

If you think your Social Security number may have been exposed, consider placing a credit freeze with all three major bureaus and monitoring your accounts for suspicious activity. It costs nothing and takes minutes.