Roughly 18 months after AT&T admitted that hackers had stolen call and text records belonging to nearly all of its cellular customers, the company’s $177 million data breach settlement is entering its final stage. Payments are scheduled to begin going out this spring, and anyone who filed a valid claim before the December 18, 2024, deadline can receive up to $7,500 without submitting any additional paperwork.
The settlement resolves a wave of class-action lawsuits triggered by AT&T’s July 2024 SEC filing, in which the company disclosed that call and text metadata for approximately 110 million customers had been illegally downloaded from Snowflake, a third-party cloud platform AT&T used to warehouse records. The compromised data spanned activity from May through October 2022, plus a single day in January 2023.
No call or text content was taken. But the stolen records showed which phone numbers contacted each other, how frequently, and for how long. For a subset of customers, cell site identification numbers were also exposed, putting approximate location data at risk. The sheer scale made it one of the largest telecom data incidents in U.S. history.
How the $177 million settlement fund breaks down
According to the court-approved settlement notice, the fund is divided into two pools. Approximately $149 million is earmarked for direct payments to individual claimants. The remaining $28 million covers plaintiffs’ attorney fees, administrative costs, and other court-authorized expenses.
The $7,500 per-person cap applies to claimants who documented specific out-of-pocket losses connected to the breach, such as expenses from identity theft, fraudulent charges, or the time spent resolving those problems. Most filers who submitted claims without itemizing individual losses will receive a smaller, pro-rata share. The exact dollar amount per person hinges on how many valid claims were filed before the deadline, a figure the settlement administrator has not publicly disclosed.
Payments will be delivered through whichever method each claimant selected during the filing process, whether a mailed check or electronic transfer. Claimants do not need to reconfirm their information unless they have moved or changed bank accounts since submitting their claim.
What claimants still don’t know
The most pressing gap is a specific payout date. Court filings reference a spring distribution window, but no exact week or month has been confirmed for the first round of payments. There is no public dashboard or online tracker where individual claimants can monitor their claim status.
The total number of claims filed also remains undisclosed, which makes estimating the average payout impossible. If hundreds of thousands of AT&T’s 110 million affected customers submitted claims, individual payments could land well below the $7,500 ceiling. If participation was low, checks could be meaningfully larger. Until the administrator releases that data or the first payments arrive, claimants have no way to gauge what to expect.
A full accounting of the $28 million allocated to fees and administration has not yet been filed with the court as of June 2026. How much goes to the plaintiffs’ legal team, how much covers the mechanics of processing and mailing payments, and whether any portion funds credit monitoring or other programmatic relief for affected customers will become clear only when that accounting is submitted.
What the breach exposed about telecom data security
The AT&T hack was not an isolated event. Snowflake, the cloud platform where the stolen data was stored, sat at the center of a string of corporate breaches in 2024. Cybersecurity firm Mandiant, which investigated the incidents, found that attackers used stolen login credentials to access individual corporate accounts on Snowflake’s platform, exploiting the fact that many of those accounts lacked multi-factor authentication. Ticketmaster, Santander Bank, and other major companies were compromised through the same method.
Two suspects, Connor Moucka and John Binns, were indicted by federal prosecutors in late 2024 in connection with the Snowflake-linked intrusions. Their cases remain pending.
AT&T’s decision to store sensitive customer metadata on a third-party cloud platform, and the security gaps that allowed unauthorized access, became central arguments in the litigation. The specific contractual terms between AT&T and Snowflake, including what security obligations Snowflake was required to meet, have not been made public through the settlement record. Whether Snowflake is contributing financially to the settlement fund or faces separate legal exposure has not been disclosed.
For the 110 million customers whose records were exposed, this settlement is the primary path to compensation. The claims window closed on December 18, 2024, and there is no mechanism for late submissions. Anyone who missed that deadline is not eligible for a payout from this fund.
How to verify your claim and protect your payment
If you filed a claim, the most reliable way to get updates is through the court-appointed settlement administrator. Contact information for the administrator is listed in the original claim confirmation email you received and on the official settlement website referenced in court filings. Avoid relying on social media posts or unofficial forums for payout timelines.
Claimants who have changed their mailing address or bank account since filing should contact the administrator directly as soon as possible to update their records. A misdirected check or failed electronic transfer could delay your payment significantly, and there is no guarantee the administrator will automatically retry.
Keep your original claim confirmation email and any correspondence from the administrator. If a dispute arises over your payment amount or eligibility, those records will be your primary documentation. The court docket and the official settlement notice remain the most authoritative public sources for any developments.
