AT&T has suffered an insider breach that exposed customersâ€™ account information including social security numbers and driverâ€™s license numbers, according to an AT&T notification letter.
The affected number of users is so far unknown as the breach was carried out in August by an employee who was able to access customers’ account information.
“We recently determined that one of our employees violated our strict privacy and security guidelines by accessing your account without authorization in August 2014, and while doing so, would have been able to view and may have obtained your account information including your social security number and driverâ€™s license number,” said Michael A. Chiarmonte, AT&T’s Director of Finance Billing Operations.
“Additionally, while accessing your account, the employee would have been able to view your Customer Proprietary Network Information (CPNI), without proper authorization.â€
The insider was dismissed for accessing sensitive data without authorization.
CPNI, also known as Customer Proprietary Network Information or unique customer numbers, can contain metadata on calls such as date, time, duration and destination number.
AT&T is offering one year of free credit monitoring for victims of the incident. The company also advised users to change their account passwords and place a fraud alert on their credit report.
â€œOn behalf of AT&T, please accept my sincere apology for this incident,â€ Chiarmonte concluded.