News AT&T to Pay $25 Million to Settle FCC Privacy Breach Case

Discussion in 'The Howard Stern Show' started by dawg, Apr 8, 2015.

  1. dawg

    dawg In The Dog House Staff Member

    Reputations:
    540,831
    Joined:
    Aug 19, 2010
    Messages:
    119,526
    Likes Received:
    90,839
    att-headquarters.jpeg

    Call center workers for AT&T Inc. leaked confidential information about 280,000 subscribers so resellers could unlock used phones, federal regulators said Wednesday.

    The Federal Communications Commission said the privacy breach involved the disclosure of names, parts of Social Security numbers and other data by call center workers in Mexico, Colombia and the Philippines. AT&T paid $25 million to settle the claims.

    An FCC official said the workers apparently sold the data to middlemen in the market for phone unlock codes. One buyer in Mexico—identified only by the alias “El Pelón,” or “Baldie”—bought the data after supplying call center insiders with a list of requested accounts, the official said.

    The revelations shine a light on the murky market for used smartphones, which has exploded in the past few years as customers have looked for ways to keep up with the fast pace of upgrades from companies like Apple and Samsung. Major carriers and Apple, as well as a number of specialists in the market, offer phone trade-in programs.

    The market was roiled in late 2013 when AT&T cracked down on unlocking and required current and former customers to enter their email addresses and the last four digits of their Social Security numbers, along with other information, into AT&T’s website. The move sent the price of used AT&T iPhones tumbling, as middlemen faced a shortage of codes able to unlock them.

    In a breach that ran from November 2013 through April 2014, three employees at the Mexican call center were paid to access more than 68,000 accounts without customer authorization, the FCC said. That information was then sold to third parties that used it to submit more than 290,000 requests to unlock phones, the commission said.

    Another 211,000 customer accounts were accessed by about 40 workers in Colombia and the Philippines, the FCC said.

    The market for unlock codes grew out of a unique wrinkle in the U.S. wireless industry, which for years relied on selling devices to subscribers at subsidized prices in exchange for a two-year contract. That model forces carriers to lock phones to their networks to make sure customers can’t switch to a new carrier before their contract is up.

    AT&T spokesman Fletcher Cook said the company had ended its contracts with the call center sites involved.

    “We’ve changed our policies and strengthened our operations,” the company said. “And we have, or are, reaching out to affected customers to provide additional information.”

    Some of the phones that were unlocked may have been stolen, the FCC said. Reliable figures on smartphone theft are scarce. A Consumer Reports survey last year estimated thieves stole 3.1 million smartphones in the U.S. in 2013, up sharply from the previous year.

    The AT&T breaches went undetected for several months, the commission said. The FCC launched its probe in May 2014.

    AT&T’s settlement requires it to provide affected customers with free credit monitoring services and hire an overseer to safeguard its data in the future.

    http://www.wsj.com/articles/at-t-to-pay-25-million-to-settle-fcc-privacy-breach-case-1428519807