AT&T Inc. agreed to pay $13 million to settle an investigation by the US Federal Communications Commission into whether the telecommunications company failed to protect customer data that was stolen when a cloud vendor was hacked last year.
The unnamed vendor experienced a data breach in early 2023 that exposed the information of nearly 9 million AT&T Mobility customers. The data included subscriber information from 2015 to 2017 — such as the number of phone lines associated with a particular account — but not sensitive personal information like Social Security or credit card numbers, AT&T said.
AT&T failed to secure the data shared with the vendor and didn’t ensure that the company deleted or returned the information as it was contractually required to do, the FCC said. As part of the settlement, AT&T agreed to improve its internal and vendor data-handling practices.
In July, AT&T suffered another, much broader data breach via cloud platform Snowflake Inc. that exposed call and text metadata for almost all of its mobile customers during several months of 2022. It also disclosed a dark-web data leak in March affecting 73 million customers and exposing Social Security numbers and account passcodes.
Top photo: An AT&T store in New York, US, on Monday, Jan. 22, 2024. AT&T Inc. is scheduled to release earnings figures on January 24.
Was this article valuable?
Here are more articles you may enjoy.
New York Homes Most Exposed to Hurricane Risk, Beating Miami 
Verisk Report Shows Drop in US Reconstruction Costs in 2Q 
Lake Tahoe Power Crunch Shows AI’s Growing Energy Toll in West 
Groups Seek FTC Probe into Roblox for Kid Spending 
Want to stay up to date?
Get the latest insurance news
sent straight to your inbox.