AT&T is warning consumers about a data breach involving an insider who illegally accessed the personal information of an unspecified number of users. The compromised data includes Social Security numbers and driver’s license numbers.
In a letter sent to the Vermont attorney general, AT&T officials said that the breach occurred in August and that the employee in question also was able to access account information for AT&T customers.
“We recently determined that one of our employees violated our strict privacy and security guidelines by accessing your account without authorization in August 2014, and while doing so, would have been able to view and may have obtained your account information including your social security number and driver’s license number. Additionally, while accessing your account, the employee would have been able to view your Customer Proprietary Network Information (CPNI), without proper authorization,” said Michael A. Chiarmonte, director of finance billing operations at AT&T, in a letter to the Vermont AG.
The CPNI he referred to in the letter includes data that’s related to the services that consumers buy from the company. Chiarmonte said that the letter that the employee responsible for the breach no longer works for AT&T. It’s not clear from AT&T’s disclosure how many consumers have been affected by the breach or which other states may have citizens who are affected.
As a result of the breach, AT&T is offering affected customers a year of free credit monitoring, as has become customary in these incidents. The company also is recommending that customers change the passwords on their accounts.
“On behalf of AT&T, please accept my sincere apology for this incident,” Chiarmonte said in the letter.
Image via the Flickr photo stream of Mike Mozart