AT&T has issued an apology to its customers after recently discovering that one of its employees had accessed the personal information for a limited number of customers without authorization.
In a sample letter to customers on the matter, AT&T said the employee in question would have been able to view and may have obtained account information including social security number and driver’s license number.
What’s more, the rogue employee also had access to users’ Customer Proprietary Network Information (CPNI), information related to the telecommunications services that a customer purchases from AT&T.
To help address any inconveniences this may have caused, AT&T said they would reverse any unauthorized charges or changes to users’ accounts. They are also offering one year of free credit monitoring through CSID. Payment details have already been arranged and customers simply need to enroll to start the service.
AT&T has also notified federal law enforcement concerning the unauthorized access of users’ CPNI as required by law.
It’s worth pointing out that the incident, which AT&T said took place in August of this year, is a bit different than some of the bigger data breaches that have taken place in recent memory. Although AT&T didn’t disclose how many customers were affected, Re/code said they’re hearing that it’s only about 1,600 – a far cry from the millions that have been impacted by recent breaches at Target and Home Depot, just to name a few.
AT&T has since terminated the employee in question.