The Federal Communications Commission (FCC) on Wednesday asked wireless carrier AT&T Inc to pay a whopping amount of USD 25 million in order to settle the case over a consumer data breach at its call centers in Colombia, Mexico and the Philippines.
According to the US communications regulator, the user data breaches led to the unauthorized revelation of names and partial or full numbers related to Social Security and also illegal access to personal account information of nearly 280,000 AT&T customers in the United States. The data were breached between 2013 and 2014.
“Unfortunately, a few of our vendors did not meet that standard and we are terminating vendor sites as appropriate. We’ve changed our policies and strengthened our operations,” AT&T said in a statement.
A senior FCC official told reporters that the data was used by call center staffs for requesting handset-unlock codes for the AT&T phones and shared with third parties, who appeared to have been trafficking the cell phones that were stolen.
According to the FCC official, the civil penalty worth USD 25 million that has been levied on the number two wireless carrier of the United States is the largest data security enforcement action to date by the federal regulatory body.
In October 2014, the federal body had imposed a fine worth USD 10 million on telecom firms, including YourTel and TerraCom, for consumer privacy breaches.