AT&T Employee Accesses Personal Data of Vermont Subscribers without Authorization

October 08, 2014
By: Paula Bernier

In case there was any doubt, the news about AT&T (News - Alert) earlier this week proved once again that no organization is immune from a security breach. According to an AT&T letter posted on the state of Vermont’s website, the information of 1,600 AT&T customers was accessed without authorization in August by an employee of the communications company. (That individual reportedly has since been dismissed.)

The exposed data included driver’s license numbers, social security numbers, and Customer Proprietary Network Information indicating what telecommunications services users purchase from AT&T.

AT&T in the letter said it would reverse any unauthorized changes or charges to customer accounts as a result, offer affected customers one year of free credit monitoring, and notify federal law enforcement about the unauthorized access of users’ CPNIs.

“The recent breach at AT&T underscores this threat where an employee was able to access and copy thousands of customer records including social security and other customer information,” Eric Chiu, president and co-founder of HyTrust, commented. “Data is the new currency and companies need to protect it from employees looking to profit from stolen customer information as well as outside attackers who are using insider threats to stage the biggest breaches in history, including JPMorgan Chase, Home Depot, Target (News - Alert), Goodwill and others.”

JPMorgan recently revealed that in June it experienced a data breach that affected the address, email, name and phone number information of 76 million households and 7 million small businesses.

Home Depot, meanwhile, was hit with a six-month breach affecting 53 million credit and debit cards. The home improvement retailer says the breach was to its payment data systems, which could impact customers using payment cards at its U.S. and Canadian stores. The company began offering free identity protection services, including credit monitoring, to any customer who used a payment card at a Home Depot store in or after April 2014.

All of the above join the ranks of Michael’s, Target, TJ Maxx, and many other organizations in having experienced a security breach.

There’s been a 21 percent increase in data breaches this year as compared to last year, according to the Identity Theft Resource Center. According to the ITRC 2014 Data Breach Category Summary, there were 589 breaches identified by the group this year as of Oct. 7, and those breaches exposed 76,681,707 records. 




Edited by Maurice Nagle


Original Page