• United States




AT&T Mobility data breach

Jun 13, 20142 mins
Data and Information Security

This week AT&T Mobility filed a breach notification in California.

This week AT&T Mobility filed a breach notification in California. Apparently from April 9 until April 21, 2014 one of their third party providers violated their security and privacy guidelines and was accessing customer data. AT&T believes that the data was accessed in a effort to unlock phones for secondary market resale. The breach was discovered on May 19, 2014.

Now, the problem here is that in doing so, the AT&T partner employees would have been able to view customer social security numbers and date of birth. In addition to this information the Customer Proprietary Network Information (CPNI) which is related to services that they had subscribed to with the mobile provider would have been viewable.

AT&T will be offering one year of free credit reporting for customers affected by the breach. While we know the date range it aaas not immediately clear how many customers were in fact affected.

Federal law enforcement has been informed of the unauthorized access to the customer data but again, no detail as to whether to not this will be investigated further.

One other piece of information that they included was the recommendation that customers change their passcode. As well, if the customer doesn’t have an passcode that they add one. So, is this to say that the passcodes were compromised as well?

Notifications are winding their way towards affected parties.


(Image used under CC from Chris Young)


Dave Lewis has over two decades of industry experience. He has extensive experience in IT security operations and management. Currently, Dave is a Global Security Advocate for Akamai Technologies. He is the founder of the security site Liquidmatrix Security Digest and co-host of the Liquidmatrix podcast.

The opinions expressed in this blog are those of Dave Lewis and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author