We are receiving reports that anyone who was an AT&T customer before and including 2021 should be aware that confidential customer data from AT&T appears to be exposed on the Dark Web and for sale to bad actors.
 

https://www.bleepingcomputer.com/news/security/att-says-leaked-data-of-7...
 

Though AT&T denies that any data on its servers were leaked, targeted assessment of the purported leaked data with know persons has confirmed the data as real.

This data includes names, addresses, mobile phone numbers, encrypted date of birth, encrypted social security numbers, and other internal information.

"Therefore, if you were an AT&T customer before and through 2021, it is safer to assume that your data was exposed and can be used in targeted attacks, including SMS and email phishing and SIM swapping attacks. 

If you receive any SMS texts or phishing emails claiming to be from AT&T, be very careful about providing any information. Instead, contact AT&T directly to confirm that they attempted to contact you.”

Passwords do not appear to have been listed as part of the data leaked. But to be safe, if the news of this data leak worries you at all, you should change the password for your AT&T account and for any other personal account that uses the same password.