Skip Tags

Popular Tags

Decorative icon

The Resource Center Identity Theft & Protection The Resource Center | article

AT&T Announces Internal Security Breach

AT&T recently announced that an employee, who has since been fired, illegally accessed the personal information of up to 1,600 customers. Social Security and driver's license numbers were compromised.

Social Security and driver's license numbers were stolen from 1,600 AT&T customers.

AT&T recently announced that an employee, who has since been fired, illegally accessed the personal information of up to 1,600 customers. Social Security and driver's license numbers were compromised.

This isn't the first security lapse the company has suffered. In fact, there was a similar incident in June of this year, affecting about 500 individuals.

"We recently determined that one of our employees violated our strict privacy and security guidelines by accessing your account without authorization in August 2014," said Michael Chiaramonte, AT&T's director of finance billing operations, in a letter to affected customers. "And while doing so, would have been able to view and may have obtained your account information including social security number and driver's license number."

Security experts recommend that AT&T customers vigilantly monitor their accounts in the coming months, in case of possible attacks.

AT&T made the announcement in the wake of JP Morgan’s large-scale breach, which affected 76 million households. Earlier this year, P.F. Chang's, Jimmy John's, Michaels, Neiman Marcus and Supervalu were also breached, not to mention last year's Target fiasco.

According to The Washington Post, cybercriminals have executed an astonishing 579 data breaches this year, representing a 27.5 percent increase year-over-year. This storm of cybercrime has made consumers more skeptical, but it has also given the public a severe case of what experts term "breach fatigue." Consumers are beginning to become apathetic in the face of so many highly publicized security incidents.

In fact, Identity Theft Resource Center research shows that 32 percent of consumers who receive personal breach notifications do not modify their behavior in any way to protect their information. Another 71 percent of respondents reported that they did not cease doing business with companies that had been breached.

"I think we get upset," security expert Steven Weisman said to the Washington Post. "I think we get angry. And then we go back to what's easy, convenient and we're used to."

This lack of long-lasting public concern is reflected in the post-breach trends of JPMorgan and Home Depot, two of the largest security failures to ever occur. Home Depot's stock is up 14 percent this year, actually rising by 2 percent since the announcement of a six-month data breach that affected 53 million credit and debit card numbers.

Similarly, JPMorgan's stock has held steady since news of the breach first broke.

Security experts warn, however, that consumer apathy is a dangerous phenomenon. Although banks can easily replace credit cards, if a cybercriminal achieves full-scale identity theft there are fewer and fewer solutions available to the victim. It's much easier to resolve theft when it is detected early on, before too much damage is done.

Hackers are more persistent than ever, so it has become consumers' responsibility to protect themselves in the face of the inevitable data breaches still to come. Here are a few actions you can take on your own to help protect yourself.

  • Take advantage of any credit monitoring services offered to you by companies that have experienced a breach. The sooner you know about certain activity that could indicate identity theft, the sooner you can take action to resolve it.
  • Change your online account passwords frequently, creating a different one for each site. If you have trouble remembering long and complex passwords, try using a password manager that encrypts your information so it is secure.
  • Regularly monitor your financial statements for purchases and transactions you didn't authorize. Report any to your financial institution immediately.