US telecom giant AT&T warns its millions of customers about some of their sensitive data (opens in a new tab) Exposure in supply chain cyber incidents.
according to a Beep computer The data breach was the result of a January 2023 hack targeting an AT&T marketing vendor, the report said.
Now, the company is warning some 9 million customers that some of their sensitive data has been accessed by an unauthorized third party.
Social Security Number Intact
“Some wireless accounts had customer-proprietary network information compromised, such as the account’s line count or wireless rate plan,” AT&T told the publication. “The information did not include credit card information, social security numbers, account passwords, or other sensitive personal information. We are notifying affected customers.”
The notice didn’t specify how many people were affected by the breach, but the company did tell the media that “9 million wireless accounts” were compromised.
Customers’ names, wireless account numbers, wireless phone numbers and email addresses were all compromised, the company added.
“A small number of affected customers also exposed rate plan names, overdue amounts, monthly payment amounts, various monthly charges, and/or minutes used. This information is several years old,” AT&T further said.
The company confirmed it was a supply chain attack and its systems remain uncompromised. Additionally, ti added, the data captured was primarily related to eligibility for equipment upgrades. Nonetheless, the company did notify the police of the incident.
“We have notified federal law enforcement of unauthorized access to your CPNI, as required by the FCC,” the company told its customers. “Our report to law enforcement did not contain specific information about your account, only unauthorized access.”
pass: Beep computer (opens in a new tab)
