AT&T suffered a data breach in August, carried out by one of its own staff, the cellular giant confirmed on Monday.
In a letter to Vermont's attorney general [PDF], AT&T officials said the former employee was able to access account information, including Social Security and driving license numbers.
Unique customer numbers, known as Customer Proprietary Network Information (CPNI), which can include metadata — such as the time, date, duration, and destination number of each call made — were also viewed by the company insider.
The letter said the account information was accessed "without authorization."
"This is not the way we conduct business, and as a result, this individual no longer works for AT&T," the letter wrote.
AT&T said it has informed law enforcement of the data breach.
However, the company, which remains the second-largest cellular giant by customers in the US behind Verizon, remained mum on how many individuals were affected.
We reached out to AT&T but did not hear back at the time of writing.