AT&T data breach fine overview:
- Who: AT&T has agreed to pay $13 million to end a Federal Communications Commission investigation into a January 2023 data breach that affected nearly 9 million consumers.
- Why: The FCC said it found that AT&T failed to ensure its vendor who suffered the data breach was adequately protecting the customer information it shared with it from 2015 to 2017.
- Where: The AT&T data breach affected millions of its customers nationwide.
AT&T agreed to pay $13 million to put an end to claims revolving around a January 2023 data breach incident that affected nearly 9 million of its customers.
The Federal Communications Commission announced the agreement earlier this week, saying the fine ends the agency’s investigation into whether AT&T failed to “meet its duty to protect” the information of its customers.
The AT&T data breach occurred in January 2023 after a threat actor was able to gain access to the cloud environment of one of its vendors and extracted AT&T customer information that had previously been shared with the vendor, according to the FCC.
AT&T was also under investigation for whether it improperly used, disclosed or permitted access to individually identifiable customer information without customer approval, and if it failed to take reasonable measures to discover and protect against data breach efforts, according to the FCC.
FCC says AT&T failed to ensure vendor ‘adequately protected’ customer info
The FCC, which was also investigating if AT&T engaged in “unjust and unreasonable privacy, cybersecurity, and vendor management practices” in connection with the data breach, said the telecom company ultimately bore responsibility for the incident.
“AT&T failed to ensure its vendor adequately protected that customer information; instead, it remained in the vendor’s cloud environment for many years after it should have been deleted or returned to AT&T and was ultimately exposed in the 2023 Breach,” the FCC said in an order.
The data breach exposed information shared by AT&T with the vendor between 2015 and 2017, and included the number of lines on an account and, in several cases, bill balance and rate plan information, according to the FCC.
Earlier this year, a trio of class actions accused AT&T of failing to protect customers’ data in a separate data breach that began in May 2022 and affected nearly all 110 million of AT&T’s wireless customers.
Have you been affected by an AT&T data breach? Let us know in the comments.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
20 thoughts onFCC fines AT&T $13M over January 2023 data breach
I received a letter that my information had been leaked.
I have been with AT&T since 2023 it has been nothing but issues. I believe that I was part of the data breach.
I have been with att for many years I have active armor and I says I was breached so I am thinking I should get a part of settlement
Received letters that my information was breached. I’ve had AT&T for years
I have had Att for about 4 years and they have been overcharging my account and my account info has been breach a couple of times.
I am on the account in which my 89 year old grandmother is account holder . She pays for 5 lines for our family and I do know that my social security has been leaked numerous times on dark web which has caused me fraud charges. she was and still is over paying and was lied to from the start about the services with contract
I am on the account in which my 89 year old grandmother is account holder . She pays for 5 lines for our family and I do know that my social security has been leaked numerous times on dark web which has caused me fraud charges. she was and still is over paying and was lied to from the start about the services with contract
had att
I have had nothing but trouble from AT&T ever but yet I’m still there hanging around for them to take everything else I have probably
I’ve been dealing with AT&T about my data being breached since 2020. I never had a problem with such a phone company ever in my life until I switched over to them after this last out of breach and they got in to my bank account not the first time but the third time! This last data breach they wiped out my whole bank account. It was not refunded a dime and disconnected my phone because I was a day late or pay my bill. They shut me off for $50. Well if your hacker would’ve never gotten into my bank account, they would’ve gotten their $50 payment.