The Federal Communications Commission has fined AT&T $25 million over a privacy breach at the company’s call centers, reports The New York Times.
About 300,000 of the carrier’s customers had their names and Social Security numbers stolen and sold to third parties by employees in Mexico, Colombia and the Philippines.
FCC officials said the parties who bought the data may have been attempting to activate stolen cellphones that they wanted to sell. AT&T customers’ personal information was used to submit more than 290,000 handset unlock requests through its site.
AT&T says it has “no reason to believe that the information was used for identity theft or financial fraud against our customers,” but that’s wishful thinking, and only time will tell if these people will be affected more deeply. A class-action lawsuit might also pop up in short order.
The $25 million fine is the largest the FCC has ever imposed for data security and privacy violations. The agency first learned of the breach in May. AT&T will also have to notify all affected customers and provide credit-monitoring services.
➤ F.C.C. Fines AT&T $25 Million for Privacy Breach [The New York Times]