Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Latest News
    • Mobile

    FCC Slams AT&T With $25 Million Fine for Phone Customer Data Breaches

    Written by

    Wayne Rash
    Published April 9, 2015
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      AT&T has agreed to pay a $25 million penalty stemming from the theft of customer data in call centers in Mexico, Colombia and the Philippines.

      The Federal Communications Commission carried out extensive investigations of the data breach in cooperation with the U.S. Secret Service. According to senior FCC officials speaking on background, the data breach was part of a massive phone theft ring.

      The FCC officials held a press call on background before announcing the consent decree with AT&T. During that call, a senior FCC official said that the data breach was part of a larger scheme in which stolen AT&T cell phones were unlocked so they could be resold.

      The scheme worked when a shadowy figure, identified by law enforcement officials as “El Pelon,” would provide lists of phone numbers to three AT&T call center employees. The employees would then examine the company’s records and provide the name and partial Social Security numbers for a price.

      The FCC official said that El Pelon was suspected in trafficking in phones stolen from AT&T customers in the U.S. Once the call center employees provided the additional information, the thieves would use the information along with the cell phone number to get an unlocking code.

      The name and SSN information were required to get an unlock code, but only one of the phones had to match an actual customer’s information. Up to five phones of the same type could be unlocked using a single code and four of them did not need to be on the same account.

      During the course of the investigation of the criminal activity in the Mexican call center, the FCC learned of similar problems in call centers in Colombia and the Philippines.

      Those data breaches involved even more employees, a larger number of customers and more customer information. The breach in Mexico revealed information on more than 68,000 customers while the breaches in Colombia and the Philippines exposed information of more than 211,000 customers.

      The FCC also said that initially AT&T did not reveal the data breaches to the government. Instead the FCC found out about the breaches from the Attorneys General of California and Vermont as well as from press reports, such as those in eWEEK.

      The penalty, which is the largest of its type in FCC history, was levied on AT&T because the company did not protect customer information, which is required by the agency. Because of this, the customer information was available to anyone with access to customer accounts, including the contractors at the three call centers involved, where it was made available to unauthorized third parties.

      AT&T has said that the company has terminated the contracts for the call centers, and that the employees involved were terminated. “Protecting customer privacy is critical to us,” Emily Edmonds, director of corporate communications for AT&T said in a prepared statement provided to eWEEK.

      FCC Slams ATT With $25 Million Fine for Phone Customer Data Breaches

      “We hold ourselves and our vendors to a high standard. Unfortunately, a few of our vendors did not meet that standard and we are terminating vendor sites as appropriate. We’ve changed our policies and strengthened our operations. And we have, or are reaching out to affected customers to provide additional information.”

      The additional information will include a toll-free number for affected customers, free credit monitoring for a year, and official notification. In addition, AT&T will be required to appoint a privacy certified compliance director and to provide annual reports to the FCC on compliance with privacy rules.

      A check of the AT&T website shows that the company has revised its rules for unlocking phones so that any phone reported stolen will not be unlocked. The procedures are now similar to the other major wireless carriers, according to the unlocking instructions on their respective websites.

      The AT&T action is the FCC’s fifth major enforcement over the last year for a total of over $50 million in penalties. FCC Chairman Tom Wheeler is making it clear that the FCC’s new aggressive stance on enforcement is just the beginning.

      “As the nation’s expert agency on communications networks, the Commission cannot — and will not —stand idly by when a carrier’s lax data security practices expose the personal information of hundreds of thousands of the most vulnerable Americans to identity theft and fraud,” Wheeler said in the press release announcing the penalty.

      Unfortunately, there’s little recourse for AT&T customers who have had their data breached. They can and should accept AT&T’s offer of credit monitoring. Those customers still with AT&T should take additional actions to protect themselves.

      Those actions include reporting their devices stolen as quickly as possible so that they can’t be unlocked as easily. For customers with phones that have permanent lock out features, such as Apple’s Activation Lock, should activate those features as soon as they start using their phones. In addition, customers should lock their phones so that a PIN or fingerprint is required before anyone can access the phone.

      While a locked phone won’t necessarily prevent a stolen phone from being used unless it’s an Apple phone with the Activation Lock Feature, it will still slow the criminals down long enough to perhaps give the owner time to wipe the phone clean of any personal information.

      The sad thing is that there’s not always a lot that a customer can do when their phone is stolen beyond wiping it of personal information remotely. While phone theft has dropped with the advent of Apple’s Activation Lock, not every criminal has gotten the word, so it’s still rampant in some areas. But if you take the right precautions, at least your most critical information will be protected.

      Wayne Rash
      Wayne Rash
      https://www.eweek.com/author/wayne-rash/
      Wayne Rash is a content writer and editor with a 35-year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He is the author of five books, including his most recent, "Politics on the Nets." Rash is a former Executive Editor of eWEEK and a former analyst in the eWEEK Test Center. He was also an analyst in the InfoWorld Test Center and editor of InternetWeek. He's a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×