I've been with AT&T since they merged with Cingular in 2004-2006 or so, and according to https://haveibeenpwned.com/ I'm not included in this dump. However I didn't split my account from my parents until 2021 or so, so I'm not sure if I would have been or not if this was from before then.
Edit: My parents' email addresses aren't showing in this dump either. Looks like we weren't included at all, so it can't just straight be all AT&T customers.
I too have been with AT&T since the Cingular merger and am also not in the HIBP db. I use a custom email address related to Cingular, which I otherwise would have forgotten existed.
I've been with AT&T forever, I've used a custom email address for AT&T since forever, and my email address is also not in the dump (I have a Premier account.)
According to this chart (whose source you have to pay to see, so unknown reliability), ATT Wireless has had well north of 150m customers in the date range in question, so it wouldn't be all of them.
150M lines maybe, but not all of 'em translate into customers. It's a slightly grey area how you see the customer from a financial standpoint vs. an account management standpoint. IMHO 150M lines may roughly be 30 million customers at the max who could/would have shared their billing address/email address with ATT.
Just checked and I'm not in it either according to haveibeenpwned.com, but was an AT&T customer for over 15 years and only recently stopped being an active customer.
This is always my first concern anytime I want to register a domain. How much is it worth to me to also register variants of it just to protect against this. It used to be just own all the TLDs, but now we have common typos as well just to protect your brand. For a money generating company, a few hundred monetary units annually isn't too bad, but sheesh just another example of people are assholes!!
keep in mind that HIBP doesn't offer any bare name, physical address, phone number, social security number, or birthdate lookup (at least as far as i can tell). i would take its utility regarding this breach with a grain of salt, and query the actual raw dataset if i wanted to be absolutely sure.