Social Security numbers and call records for many AT&T Mobility subscribers have been accessed without authorization by a third-party service provider. The data was taken by employees at the service provider between April 9 and April 21, and AT&T isn't saying just how many of its customers were affected.
AT&T customer data was accessed with out authorization exposing Social Security numbers
AT&T said in a statement, "We recently learned that three employees of one of our vendors accessed some AT&T customer accounts without proper authorization," according to ITworld.
AT&T isn't naming the company involved, but did say there were three employees responsible for accessing the information. AT&T said it has taken steps to help ensure other companies don't access customer information without proper authorization in the future, and has contacted law enforcement to report the incident.
In a letter to subscribers AT&T said,
Employees of one of our service providers violated our strict privacy and security guidelines by accessing your account without authorization. AT&T believes the employees accessed your account as part of an effort to request codes from AT&T than are used to unlock AT&T mobile phones in the secondary mobile phone market.
With Social Security numbers and call records in hand the threat of identity theft is a possibility, although AT&T hasn't said anything to indicate that there's evidence to show the three employees intended to use or sell the information for fraudulent activities.