FCC levies $25 Million Civil Penalty on AT&T over Customer Data Breach

The Federal Communications Commission and AT&T Inc (T) have been involved in an aggressive debate and now they have reached a $25 million settlement over the telecommunications giant in response to a data breach affecting roughly 300,000 customers.

A senior FCC official told reporters on a conference call that these breaches resulted in an unauthorized disclosure of names and full or partial Social Security numbers and illegal access to account information of about 280,000 U.S customers of AT&T.

According to U.S. Federal Communications Commission, the employees at call centers sold hundreds of thousands of AT&T customer records, including names and Social Security numbers, to criminals who attempted to use the customer information to unlock stolen mobile phones.

AT&T said in a statement: “We are terminating vendor sites as appropriate. We’ve changed our policies and strengthened our operations.”

More than 279,000 U.S. customers of AT&T were affected by the data breaches, originating in call centers in Mexico, Colombia and the Philippines, the FCC said. In addition $25 million civil penalty levied on the No. 2 wireless carrier is the largest data security enforcement action to date.

In October, the FCC imposed a $10 million fine on telecom companies TerraCom and YourTel for consumer privacy breaches.

AT&T has “no reason to believe” that the stolen customer records were used for identity theft or financial fraud, the company said in a statement.

The FCC initiated an investigation into improper disclosure of customer information at AT&T’s Mexico call centers in May. Soon after that AT&T informed the agency of additional data breaches in Colombia and Philippines, the official said.

AT&T will notify all affected customers, will pay for credit monitoring in many cases, and hire a data security compliance manager as part of the settlement with the FCC.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Blind SQL Injection Tutorial to Hack a Website

In the previous article, we have the basics of SQL Injection; what SQLi is and what are the types of SQL injection. And, In...

What is SQL Injection? Tutorial: Type and Example

What is SQL injection, and what are the types of SQL injection? These are the common questions, and we will seek the answer to...

Are Cisco 300-410 Exam and Its Related Certification Your Pathway to Career Success? Find Out about This

Introduction Career success can mean different things to different people. For some, it could mean having a prestigious title and for others, it could be...

How to Hack Windows 10 Password Using FakeLogonScreen in Kali Linux

This article demonstrates an in-depth guide on how to hack Windows 10 Passwords using FakeLogonScreen. Hacking Windows 10 password is an exciting topic and...