If you’re an AT&T subscriber, you might want to keep a close eye on your credit reports. The company has disclosed that approximately 7.6 million current account holders and approximately 65.4 million former account holders “were contained in a data set released on the dark web approximately two weeks ago.”
While it’s unclear how the breach occurred or if it involves AT&T directly or one of its vendors, the company says it includes personal information such as names and Social Security numbers. A preliminary analysis appears to indicate that the data is from 2019 and earlier, though AT&T is still conducting “a robust investigation supported by internal and external cybersecurity experts.”
The company reports the compromised data likely does not contain personal financial information or call history.
AT&T says it does not have evidence of unauthorized access to its systems and will be reaching out to all current and former customers who may have been impacted. The company notes that the incident “has not had a material impact on AT&T’s operations.”
If you are contacted by AT&T, there’s not a lot you can do but hope the leak isn’t as bad as it sounds. AT&T will be “offering credit monitoring at our expense where applicable,” so you’ll be able to monitor any suspicious activity. Additionally, AT&T has reset the passcodes for anyone who may have been affected.
This article originally appeared on macworld.com.