Telecommunication giant AT&T is at the center of a U.S. Federal Communications Commission’s (FCC) investigation as it got its cord tangled in a string of consumer security breach.
The FCC slapped AT&T with a settlement amounting to $25-M!
In a news release posted on the FCC website last April 8, it was revealed that about 280,000 of its American customers were believed to have been affected by what they dubbed as the “largest privacy and data security enforcement action” to date.
The said consumer security breach was committed by the company’s call centers in Mexico, Colombia and the Philippines.
Among the information disclosed by some employees of their call centers to third parties were full names and Social Security numbers of their customers that can be used to unlock AT&T handsets.
Investigating the period between November 2013 and April 2014, the FCC found out that three AT&T call center employees in Mexico released customer information to third parties in exchange for money. They accessed and released thousands of data without consent of their customers and handed them to third parties believed to be involved in the trade of stolen phones.
The data breach lasted for 168 days, according to FCC.
Meanwhile, about 40 call center employees in Colombia and the Philippines were said to have done the same.
The FCC insisted that they won’t tolerate such acts.
In the news release, FCC Chairman Tom Wheeler said “… the Commission cannot — and will not — stand idly by when a carrier’s lax data security practices expose the personal information of hundreds of thousands of the most vulnerable Americans to identity theft and fraud.”
Aside from the fine, the FCC also asked AT&T to improve its data protection practices and to regularly submit compliance reports to the commission.
This is not the first time that the FCC has acted to better protect mobile consumers. Last year, they have also imposed fines versus Dialing Services, LLC, Sprint Corporation, Verizon and TerraCom, Inc. and YourTel America, Inc. for failing to respect and protect the privacy of their customers.
In a report by Reuters, AT&T said they are now reaching out to those affected by the breach. They are also beefing up efforts to avoid the incident from happening again. Among their actions – terminating vendors who do not meet their policies.
Due to the incidents, all AT&T accounts in call centers in countries involved in the breach may be at the brink of being pulled, according to a report from Call Center Focus. The website also said that reports in Mexican media revealed that a local investigation on the issue is ongoing. No word yet if there are also local investigations being done in Colombia and the Philippines.