US telco AT&T has suffered an incident courtesy of a malicious insider, which has resulted in the compromise of account and personal information of number of customers.
According to a breach notification letter sent out to affected users and to the Office of the Vermont Attorney General, it explains that one of the company’s employees violated their policy and security guidelines by accessing users’ account information, including the users’ social security number and driver’s license number.
“Additionally, while accessing your account, the employee would also have been able to view your Customer Proprietary Network Information (CPNI) without proper authorization,” the letter says. “CPNI is information related to the telecommunications services you purchase from us.”
The breach happened in August 2014, and it seems that some of the stolen information has been misused in the meantime.
VIEW FULL STORY