AT&T is alerting customers about an employee who reportedly accessed secure and private customer data from within the company. The attack occurred in August, AT&T said, and its employee might have had access to social security numbers and drivers license information.
“We recently determined that one of our employees violated our strict privacy and security guidelines by accessing your account without authorization in August 2014, and while doing so, would have been able to view and may have obtained your account information including your social security number and driver’s license number,” AT&T said in documents recently filed with the state of Vermont. “Additionally, while accessing your account, the employee would have been able to view your Customer Proprietary Network Information (CPNI), without proper authorization.”
AT&T is offering a free year of credit monitoring from CSID to those who may have been affected and also suggests customers change passcodes on their accounts. According to Threat Post, the employee who accessed private customer data no longer works with AT&T. The company did not disclose how many accounts may have been breached or how the attack happened.