The clock is still ticking to file a claim in the $177 million AT&T data breach class action settlement, as the deadline has been extended by two weeks.The settlement stems from two data breaches that exposed tens of millions of customers’ information to the dark web.The first incident, publicly disclosed on Mar.
30, 2024, involved a compromised dataset dating back to 2019 or earlier that contained highly sensitive information, including Social Security numbers, addresses, and passcodes.The second incident, disclosed on Jul.12, 2024, involved the illegal downloading of customers’ call and text records from a third-party cloud platform.
The class action lawsuit culminated in a Consolidated Class Action Complaint filed on May 30, 2025, alleging that AT&T failed to adequately safeguard customer data and to take reasonable steps to prevent both breaches.Plaintiffs argued that insufficient security controls allowed attackers to access and leak sensitive information.AT&T has denied wrongdoing, telling USA Today in a statement, “While we deny the allegations in these lawsuits that we were responsible for these criminal acts, we have agreed to this settlement to avoid the expense and uncertainty of protracted litigation.” More than 51 million people were affected across both incidents.
The settlement provides compensation for eligible customers, but individuals must have received a notice confirming their inclusion in the class.Claims can be submitted online or by mail and must be completed or postmarked by Dec.18.
The extension follows a surge in late filings and consumer questions as awareness of the settlement has spread.The additional time gives impacted customers a final opportunity to confirm eligibility and submit their claim.What the settlement provides The settlement establishes a $177 million fund, divided between two breach groups.
About $149 million is allocated to customers affected by the Mar.30, 2024, incident, which involved the leak of Social Security numbers and passcodes.Roughly $28 million covers those impacted by the Jul.
12, 2024, breach that exposed call and text records.Customers in the first group can claim up to $5,000 in documented losses, while those in the second group can claim up to $2,500.Individuals affected by both breaches can seek compensation from each pool, potentially receiving up to $7,500 if they submit valid, documented loss claims for both incidents.
Customers who do not submit documentation can opt for a pro rata payment calculated after all claims are reviewed.The final payment amounts will depend on how many eligible customers file by the deadline and the administrative and legal costs deducted from the fund.The settlement also includes identity theft protection services for qualifying customers.
Must-read security coverage UK Police Convicts Pair in £5.5 Billion Bitcoin Launder Case Blackpoint Cyber vs.Arctic Wolf: Which MDR Solution is Right for You? How GitHub Is Securing the Software Supply Chain 8 Best Enterprise Password Managers How to file a claim To file, customers must use the official settlement administrator’s portal linked in the notice they received.The notice includes a unique ID that confirms eligibility and links directly to the online claim form.
Customers who prefer to mail their claim must print the form from the same portal, complete it, and send it to the listed administrator’s address.Mailed forms must be postmarked by December 18.The form asks for basic identifying information and the claim ID from the notice.
No additional documentation is required unless the administrator contacts a customer for clarification.The administrator’s site also includes a lookup tool for those who misplaced their notice and need to retrieve their claim ID.Customers should avoid third-party websites or offers promising faster payouts.
The settlement administrator is the only verified channel for submitting a claim, checking eligibility, or reviewing payment terms.After Dec.18, the administrator will review submissions and calculate final payments based on the total number of valid claims and approved costs.
Distribution timelines will be announced after the review period ends.For anyone who received a notice, complete the claim form before Dec.18 or lose eligibility for compensation tied to the breaches.
The settlement site provides the forms, instructions, and complete FAQ for customers who need guidance on the process.700Credit’s recent data breach shows how a single vendor incident can expose dealership customers’ PII and trigger complex FTC reporting rules.Subscribe to the Cybersecurity Insider Newsletter Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Delivered every Monday, Tuesday and Thursday
Subscribe to the Cybersecurity Insider Newsletter
Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.Delivered every Monday, Tuesday and Thursday
