AT&T hit by insider data breach, unspecified number of accounts accessed

In a letter to Vermont's attorney general, AT&T did not specify exactly how many customers might have been affected by the insider data breach.
Written by Zack Whittaker, Contributor
Image: CNET/CBS Interactive

AT&T suffered a data breach in August, carried out by one of its own staff, the cellular giant confirmed on Monday.

In a letter to Vermont's attorney general [PDF], AT&T officials said the former employee was able to access account information, including Social Security and driving license numbers.

Unique customer numbers, known as Customer Proprietary Network Information (CPNI), which can include metadata — such as the time, date, duration, and destination number of each call made — were also viewed by the company insider.

The letter said the account information was accessed "without authorization."

"This is not the way we conduct business, and as a result, this individual no longer works for AT&T," the letter wrote.

AT&T said it has informed law enforcement of the data breach. 

However, the company, which remains the second-largest cellular giant by customers in the US behind Verizon, remained mum on how many individuals were affected.

We reached out to AT&T but did not hear back at the time of writing.

(via Threatpost)

Editorial standards