AT&T Inc. agreed to pay $13 million to settle an investigation by the US Federal Communications Commission into whether the telecommunications company failed to protect customer data that was stolen when a cloud vendor was hacked last year.
The unnamed vendor experienced a in early 2023 that exposed the information of nearly 9 million AT&T Mobility customers. The data included subscriber information from 2015 to 2017 — such as the number of phone lines associated with a particular account — but not sensitive personal information like Social Security or credit card numbers, AT&T said.
AT&T failed to secure the data shared with the vendor and didn’t ensure that the company deleted or returned the information as it was contractually required to do, the FCC said. As part of the settlement, AT&T agreed to improve its internal and vendor data-handling practices.
In July, AT&T suffered another, much broader data breach via cloud platform Snowflake Inc. that exposed call and text metadata for almost all of its mobile customers during several months of 2022. It also disclosed a dark-web data leak in March affecting 73 million customers and exposing Social Security numbers and account passcodes.
Was this article valuable?
Here are more articles you may enjoy.
IMA Latest to Sue Howden Over Alleged Employee Poaching 
UK Payments Firm Moved Billions for Risky Clients Before FCA Seizure 
‘Ghost Broker’ Who Procured 1,120 Policies Through Fraud Arrested 
More Americans Are Moving Away From Flood Risk Than Toward It 
