If you are a AT&T mobile service customer in the United States you are in a bit of soup. AT&T has issued a warning to all its mobile customers of a data breach that leaked birth dates and Social Security numbers of its United States subscribers. According to a letter written by AT&T to the California Attorney General, one of AT&T’s contractor was responsible for the breach. The contractor has since been identified and his contract with AT&T has been terminated.
In the letter, AT&T said that contractor and his cohorts were apparently looking to generate codes that unlock devices and thus leaked the sensitive customer information. AT&T stated that it has a uncompromising policy for privacy through this letter to the AG office. This letter has now been mailed to all AT&T subscribers and AT&T said that it is offering affected customers a year of free credit monitoring and is recommending that all AT&T subscribers should change the passcodes on their accounts as a precaution.
In the letter to the subscribers, the Telco stated that, “AT&T’s commitment to customer privacy and data security are top priorities, and we take those commitments very seriously,” It then went on to describe the breach for its subscribers, “We recently determined that employees of one of our service providers violated our strict privacy and security guidelines by accessing your account without authorization between April 9 and April 21, 2014, and, while doing so, would have been able to view your social security number and possibly your date of birth.”
It further added, “AT&T believes the employees accessed your account as part of an effort to request codes from AT&T that are used to unlock AT&T mobile phones in the secondary mobile phone market so that those devices can then be activated with other telecommunications providers.”
AT&T in an independent report confirmed that the contractor was not able to breach any financial data of the customers. But AT&T refused to inform as to how many of its 116+ million subscribers were affected. It also didnt specify as to how a contractor could access such important customer information files without any checks and balances. Security experts believe this to be a big lapse on part of the carrier due to undefined roles in the hierarchy.
If you are a affected AT&T subscriber, you may have received a email from the telco stating the same and offering you a year of free credit monitoring. Either way all AT&T subscribers are requested to change their passcodes immediately.