AT&T Data Breach Settlement
Up to $5,000
This settlement is closed to new claims — the deadline was December 18, 2025. You can still see what it was about and follow the case in court below. Looking for money you can still claim? Browse open settlements →
What happened
AT&T announced two data incidents: on March 30, 2024, AT&T-specific data fields were found on the dark web (AT&T 1 Data Incident); and on July 12, 2024, limited data was illegally downloaded from an AT&T workspace on a Snowflake cloud platform (AT&T 2 Data Incident). The data exposed included names, addresses, telephone numbers, email addresses, dates of birth, account passcodes, billing account numbers, Social Security numbers, and call interaction data. AT&T settled the consolidated lawsuits without admitting liability or wrongdoing.
Do you qualify?
AT&T 1 Settlement Class: All living persons in the United States whose data elements (names, addresses, phone numbers, email addresses, dates of birth, account passcodes, billing account numbers, or Social Security numbers) were included in the March 30, 2024 data incident. AT&T 2 Settlement Class: AT&T Account Owners or Line or End Users whose telephone numbers were involved in the July 12, 2024 data incident.
How to file
Submit a claim form by December 18, 2025 (deadline has passed). Claims can be for documented losses up to $5,000 (AT&T 1) or $2,500 (AT&T 2) with supporting documentation, or for pro rata cash payments without documentation. Contact the Settlement Administrator at (833) 890-4930 or mail AT&T Data Incident Settlement, c/o Kroll Settlement Administration LLC, P.O. Box 5324, New York, NY 10150-5324.
New to class actions?
This summary was generated from public settlement documents and may contain errors. Confirm eligibility, deadlines, and payment terms on the official settlement website before filing. ClaimWatch is not a law firm and this is not legal advice. Filing a claim is free.
More data breach settlements
View all →WISP, Inc. Data Privacy Settlement
WISP, Inc. allegedly disclosed customers' personally identifiable information to third parties through Meta Pixel and other tracking technologies without consent, in violation of privacy laws including the Florida Security of Communications Act and California Invasion of Privacy Act. The defendant denies all claims and admits no wrongdoing but agreed to the settlement to avoid litigation costs and uncertainties.
Up to $18
Chattanooga Heart Institute Data Breach Settlement
Memorial Heart Institute experienced a cybersecurity incident between March 8 and March 16, 2023, that may have resulted in unauthorized access to or acquisition of individuals' private information including names, addresses, phone numbers, Social Security numbers, health insurance information, and clinical records.
AGC America Data Breach Settlement
In December 2023, a third party conducted a targeted cyberattack on AGC America's systems and gained unauthorized access to personal information. The compromised data may have included names, addresses, dates of birth, Social Security numbers, driver's license numbers, financial account information, passports, payment card numbers, and health insurance plan enrollment information. AGC denies any wrongdoing.
TRISTAR Data Settlement
TRISTAR Insurance Group, Inc. experienced a data breach in November 2022 in which unauthorized access occurred to personally identifiable information of certain TRISTAR customers. TRISTAR denies all claims and wrongdoing; the settlement is not an admission of liability but rather resolves disputed claims.