AT&T data breach class action settlement could pay customers $7,500

When it comes to providing our data to tech companies, we have some confidence that they will protect it.

After all, we give them our most personal information, including Social Security numbers and passwords, with the expectation that they will keep it secure. Most of the time, that trust goes unquestioned. But from time to time it breaks.

AT&T’s $177 million data breach settlement is a stark reminder that even the largest companies can put our data at risk.

AT&T customers may be eligible for a major settlement due to a data breach.Image source: Shutterstock

AT&T Inc. agreed to a $177 million settlement to resolve class action lawsuits. These arose from two major data breaches affecting millions of current and former customers whose personal data ended up on the dark web.

The company did not admit wrongdoing but chose to settle to avoid the costs and risks of prolonged litigation.

“We have agreed to this settlement to avoid the expense and uncertainty of protracted litigation,” AT&T said in a statement to AP News, adding that the company remains “committed to protecting our customers’ data and ensuring their continued trust in us.”

In March 2024, AT&T revealed that it had exposed data on approximately 7.6 million current customers and 65.4 million former account holders, including Social Security numbers, dates of birth, and passcodes. The sensitive information was posted online, the AP reported.

Related: Verizon quietly takes aggressive steps to stop fleeing customers

Later in 2024, the company revealed a second breach, this time involving unauthorized downloads of data related to calls and text messages from a cloud platform dating back to 2022.

AT&T stated that the breach did not include the content of calls or text messages.

Both incidents led to multiple consolidated lawsuits in the United States District Court for the Northern District of Texas.

The $177 million settlement resolves claims of both violations.

The deal is divided into two subfunds: approximately $149 million for the first offense (AT&T 1) and $28 million for the second (AT&T 2), also according to AP.

Eligible claimants can receive:

• Up to $5,000 for documented first violation losses (AT&T 1).

• Up to $2,500 for documented losses from the second offense (AT&T 2).

• Customers affected by both breaches could qualify for combined payments of up to $7,500, according to Business Insider.

Payments will depend on documented losses related to violations and the number of valid claims. They will also be subject to the deduction of administration and legal expenses.

To receive payment, claims must be submitted by December 18, 2025. Those who wish to opt out and then reserve the right to sue individually must do so by November 17, 2025.

The court will hold a final approval hearing on January 15, 2026, according to Telecom Data Settlement.

Steps for claimants:

1. Check eligibility through notices from Kroll Settlement Administration or the official website.

2. Gather documentation such as receipts, statements, tracking fees or other evidence of losses related to the breach.

3. File a claim online or by email before the postmark deadline.

4. Decide whether to stay in class or opt out. Doing nothing means staying in the class and being bound by the agreement.

5. Monitor updates for payment schedule after court approval.

This settlement provides affected customers with a unique opportunity for financial recovery from large-scale personal data exposure. However, maximum payments require documented losses and many claimants may receive less.

From a corporate perspective, the $177 million payment underscores the financial and reputational risks of data breaches. For companies with large customer databases, proactive cybersecurity and early disclosure remain critical.

• The $177 million settlement against AT&T’s annual revenue of $165 billion in fiscal 2024 shows the settlement is significant for affected consumers but modest relative to overall revenue.

• $149 million allocated to the AT&T 1 breach, $28 million to the AT&T 2 breach.

AT&T’s settlement offers affected customers a clear path to compensation, but only if they act before the deadlines. As data security continues to come under scrutiny, the case reinforces that protecting personal information is a substantial corporate responsibility that consumers also demand.

Related: T-Mobile announces free offer for Verizon and AT&T customers

This story was originally reported by TheStreet on November 15, 2025, where it first appeared in the Technology section. Add TheStreet as a preferred source by clicking here.