Secure Shopping

Data Breach at AT&T

October 15, 2014 | By Editor 

Summary

Leading cellular network AT&T has fallen victim to data breach.

The telecom service provider has warned consumers about a security violation that involves an employee who illegally obtained personal information of an unspecified number of customers. The compromised information include social security numbers (SSN) and driver’s license numbers.

Data Breach

Data Breach at AT&T

  • The breach occurred in August this year when the employee in question failed to follow the firm’s rules accessed some user information. AT&T officials has letter sent to the Vermont attorney general William Sorrell regarding the data breach and the employee.
  • In the letter, AT&T has stated its recent determination of one of its employees violating the firm’s strict security and privacy guidelines by accessing user accounts without authorization.
  • The violation having occurred in August 2014 would have enabled the employee to view and obtained user account information including SSN and driver’s license number.
  • In addition, while accessing user account, the employee would have been able to view a user’s Customer Proprietary Network Information (CPNI), without authorization.
  • The CPNI includes data that is related to the services that users buy from the firm.
  • Michael Chiaramonte, director of finance billing operations at AT&T, said that the letter also indicates that the employee responsible for the breach is no longer employed with AT&T. It is still not clear from AT&T’s disclosure as to how many users have been affected by the security breach.
  • As a result of the data breach, AT&T is offering its affected customers one year of free credit monitoring, which has become a custom in these incidents. The firm also is recommending its customers change their passwords of their accounts.

AT&T Send Apology Letters

Chiaramont also included an apology for the incident in his letter , on behalf of AT&T.

AT&T also had send out letters to customers based in Vermont informing them of the breach, a letter posted on the Vermont government’s site indicates.

Apart from claiming that an employee violated the firm’s privacy policy and accessed customer information, the letter stated that nearly 1,600 people in the area were impacted by the breach.

AT&T takes its customers’ privacy and security very seriously and values their trust they have in the company.

It was unfortunate for the telecom service to have discovered that one of its very own employee did not follow its strict privacy rules and illegally accessed some customer information. AT &T is directly contacting the limited number of affected users. Though that individual no longer works for AT&T, the breach cannot be reversed.

The theft of private customer information is not new today.

Over the last few years, several big companies have fallen victims to massive data breaches leaving customers’ personal information exposed to hackers.

In 2013, Target’s in-store point-of-sale systems (POS) was hacked resulting in the theft of personal information of nearly 110 million customers.
In 2011, a cyber criminal successfully stole personal information of around 70 million users of Sony’s PlayStation Network.

In comparison, the AT&T data breach is relatively small one and is due to an employee violating company policy.

With not much details, it is not clear why the employee allegedly accessed the information, and whether it will be used for inappropriate means. The carrier also recommended its customers set up a fraud alert on their accounts. AT&T is not revealing any further information about the data breach.

Wildcardssl

Posted in Secure Shopping

Be Sociable, Share!

Leave a Comment


 


* fields are mandatory