AT&T Vendor Breach Exposes Data on 9M Wireless Accounts
AT&T is notifying customers of a Customer Proprietary Network Information compromise, exposing years-old upgrade details.
A compromise of an unnamed marketing vendor used by AT&T has exposed data associated with nearly 9 million wireless telecom accounts.
The breached data did not contain payment information, account passwords, Social Security numbers, or other personally identifiable information, AT&T said in a statement provided to Dark Reading. Instead, the cyberattack allowed unauthorized access to information used to determine eligibility it said, characterizing the data as years old.
The mobile carrier is notifying affected customers, it said. According to notification letter in an AT&T Community forum.
"We recently determined that an unauthorized person breached a vendor's system and gained access to your Customer Proprietary Network Information (CPNI)," the data breach notification letter in the AT&T community forum read. "In our industry, CPNI is information related to the telecommunications services you purchase from us, such as the number of lines on your account or the wireless plan to which you are subscribed."
It added, "We have notified federal law enforcement about the unauthorized access of your CPNI as required by the Federal Communications Commission. Our report to law enforcement does not contain specific information about your account, only that the unauthorized access occurred."
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024