AT&T: 'twas conniving contractors who nicked your info

[InfoSec News <alerts () infosecnews org>]

http://www.theregister.co.uk/2014/06/14/att_twas_conniving_contractors_that_nicked_your_info/

By Shaun Nichols
The Register
14 Jun 2014

AT&T is warning customers that their personal information might have been 
breached as part of a scheme to unlock and resell devices.

The company said in a filing to the California Attorney General's office 
that employees at an unnamed service provider it works with had accessed 
the personal data of customers including social security numbers and date 
of birth.

According to a letter the company has sent to customers, the breach 
occurred earlier this year between April 9 and 21 as three workers pulled 
the customer data in order to request unlock codes from AT&T which could 
then be used to remove the device from AT&T's network and allow the device 
to be resold.

The information was apparently part of a scheme by the group to unlock and 
resell devices on the AT&T network. The company typically allows users to 
unlock their devices from its network by entering a code which can be 
obtained from the company by supplying account information including 
portions of the customer's social security number.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/