Enter Keywords:
Thursday, 22 February 2018
April-280,000 customers' data exposed at AT&T security breach
Wednesday, 19 August 2015

AT&T (T) data breaches exposed about 280,000 U.S. customers' names and full or partial Social Security numbers, the government said.


The company agreed to pay a $25 million civil penalty to settle an investigation into the consumer privacy violations, the FCC said Wednesday.


The breaches occurred at call centers used by AT&T in Mexico, Colombia, and the Philippines when employees accessed sensitive customer data without adequate authorization. Those employees took payment from third parties who were apparently interested in customer names and Social Security numbers so they could unlock stolen cell phones for sale on secondary markets, the FCC said.


The investigation found that three call center employees in Mexico accessed more than 68,000 accounts without authorization, so the third parties could submit more than 290,000 unlock requests through an AT&T online portal, the agency said. Over the course of the investigation into that breach, the FCC also discovered that approximately 40 company employees in the Philippines and Colombia had accessed about 211,000 customer accounts for the same illicit purposes.


"As the nation's expert agency on communications networks, the Commission cannot—and will not—stand idly by when a carrier's lax data security practices expose the personal information of hundreds of thousands of the most vulnerable Americans to identity theft and fraud," FCC Chairman Tom Wheeler said in a press release.


As part of its settlement with the FCC, AT&T agreed to notify all customers whose accounts were improperly accessed, and to pay for credit monitoring services for those customers affected by the breaches in Colombia and the Philippines, the agency said.


The telecom also assented to improving its security practices and regularly filing compliance reports to the FCC, according to the release.

Next >

All of the content of this site is copyrighted by the Communications Workers of America Local 3250 unless otherwise noted
Nothing on this site should be considered as an official statement, errors may exist and CWA 3250 accepts no obligation for errors, inclusions or omission concerning the content of this site.
Website Designed by GraCom: CMS, Graphics, Web Technologies.