AT&T Data Breach Affected Customers Eligible for Settlement Payouts

The deadline for submitting claims has been pushed back to December 18, 2025, giving claimants roughly one more week to file. The rest of the article provides the background details.

In 2019, cybercriminals accessed personal information from about 74 million AT&T landline users, which included Social Security numbers. The company only announced the incident in early 2024 after the information surfaced on the dark web. Subsequently, AT&T disclosed that intruders had also obtained call records from more than 100 million mobile subscribers during the period from May 1 to October 31, 2022; this encompassed users of its affiliates Cricket Wireless and H2O Wireless.

Affected individuals filed a class-action lawsuit against AT&T, resulting in a favorable outcome.

A court has now provided initial approval for the proposed agreement. Under these terms, a total of $177 million will be allocated to victims of the incidents, covering both active and past AT&T subscribers. Specifically, $148 million is designated for the 2019 incident, and $28 million for the 2022 event.

Compensation amounts will depend on the extent of harm experienced, with individuals able to provide evidence of direct losses from the breaches qualifying for higher sums. Participants in the 2019 landline breach may receive as much as $5,000, while those from the 2022 wireless breach can claim up to $2,500.

According to the court document, qualifying subscribers will start receiving notifications via mail or email from August 4, 2025, with the distribution expected to conclude by October 17, 2025. Submissions for compensation must occur no later than November 18, 2025.

The agreement awaits final judicial endorsement on December 3, 2025, after which distributions will commence.

In addition to anticipating notifications, those impacted should implement protective measures against the consequences of these significant incidents, such as updating passwords—particularly any that were exposed or reused across platforms—securing financial accounts, remaining vigilant against fraud attempts, and monitoring relevant updates. A comprehensive resource is available to guide users through these protections, which remain essential amid frequent cybersecurity threats.