This was a case where people that had access to personal information abused their position and not hackers using software vulnerabilities to break into company servers. It's a reminder that there are plenty of ways for people to access our personal information that go beyond computer security breaches.
AT&T said in a statement, "We recently learned that three employees of one of our vendors accessed some AT&T customer accounts without proper authorization," according to ITworld.
AT&T isn't naming the company involved, but did say there were three employees responsible for accessing the information. AT&T said it has taken steps to help ensure other companies don't access customer information without proper authorization in the future, and has contacted law enforcement to report the incident.
In a letter to subscribers AT&T said,
Employees of one of our service providers violated our strict privacy and security guidelines by accessing your account without authorization. AT&T believes the employees accessed your account as part of an effort to request codes from AT&T than are used to unlock AT&T mobile phones in the secondary mobile phone market.
With Social Security numbers and call records in hand the threat of identity theft is a possibility,although AT&T hasn't said anything to indicate that there's evidence to show the three employees intended to use or sell the information for fraudulent activities.
0 comments:
Post a Comment