Enlarge (credit: Getty Images)

AT&T is notifying millions of current or former customers that their account data has been compromised and published last month on the dark web. Just how many millions, the company isn't saying.

In a mandatory filing with the Maine Attorney General’s office, the telecommunications company said 51.2 million account holders were affected. On its corporate website, AT&T put the number at 73 million . In either event, compromised data included one or more of the following: full names, email addresses, mailing addresses, phone numbers, social security numbers, dates of birth, AT&T account numbers, and AT&T passcodes. Personal financial information and call history didn’t appear to be included, AT&T said, and data appeared to be from June 2019 or earlier.

The disclosure on the AT&T site said the 73 million affected customers comprised 7.6 million current customers and 65.4 million former customers. The notification said AT&T has reset the account PINs of all current customers and is notifying current and former customers by mail. AT&T representatives haven’t explained why the letter filed with the Maine AG lists 51.2 million affected and the disclosure on its site lists 73 million.

Enlarge / Entrance to Fox News headquarters at NewsCorp Building in New York. (Photo by Erik McGregor/LightRocket via Getty Images) (credit: Getty Images)

News Corp., the parent company of Fox News, The Wall Street Journal, and several other news outlets, said that hackers were inside its network for nearly two years and made off with private documents and emails.

News Corp. first disclosed the breach in February 2022, in a filing with the Securities and Exchange Commission and an article in The Wall Street Journal. The company said at the time that it discovered “persistent cyberattack activity” a month earlier in a third-party cloud service it used. Security firm Mandiant, which aided News Corp. in investigating the intrusion, told the WSJ it believed the attack was conducted by a threat actor aligned with the Chinese government.

Last week, News Corp. sent a breach notification letter to at least one affected employee that provided additional details.

Enlarge (credit: Getty Images )

A ransomware outfit calling itself Vice Society has dumped nearly 300,000 files belonging to the Los Angeles Unified School District as punishment for rebuffing demands it pay the group a hefty fee to recover data stolen during a recent cyber intrusion.

Ransomware operators breach targets’ networks, encrypt all their data, and then charge victims a ransom for the decryption key. More recently, the groups have moved to a double extortion model, in which they also publish the data on the dark web unless victims pay a ransom to keep it private. Already this year, 27 school districts with 1,735 schools among them have been hacked in ransomware incidents, Brett Callow, a threat analyst with security firm Emsisoft, said .

The Los Angeles Unified School District is the second biggest school district in the US, behind the New York City Department of Education, making it a trophy of sorts for ransomware groups that prey on these organizations.