Approximately 1,600 AT&T customers have been alerted that one of the wireless carrier's employees illegally compromised their data, including Social Security numbers and driver's license details, according to reports.
AT&T sent out letters notifying the customers whose accounts have been compromised as a result of the breach. The wireless carrier also posted a copy of the letter to the website of Vermont's attorney general.
"We recently determined that one of our employees violated our strict privacy and security guidelines by accessing your account without authorization in August 2014, and while doing so, would have been able to view and may have obtained your account information including your Social Security number and driver's license number," stated AT&T in the letter to the affected customers.
The breach also opened up access to the Customer Proprietary Network Information, or CPNI, which details the services to which customers subscribed.
AT&T has encouraged its customers to have financial institutions and one of the three major credit reporting agencies place fraud alerts on their accounts. AT&T says it will reverse any unauthorized charges related to the breach and will offer a year of free credit monitoring.
"We take our customers' privacy very seriously and value the trust they have in us," an AT&T representative stated. "Unfortunately, we recently learned that one of our employees did not follow our strict privacy rules and inappropriately obtained some customer information. This individual no longer works at AT&T and we are directly contacting the limited number of affected customers."
An unnamed source told Reuters the breach affected 1,600 AT&T customers. The individual accused of perpetrating the security breach has been dismissed
"Simply stated, this is not the way we conduct business, and as a result, this individual no longer works for AT&T," the wireless carrier stated.
AT&T's security breach is the latest in a long string of cyber crimes. On Oct. 7, the United States' largest bond insurer was notified that one of its servers had a vulnerability that left 230 pages of customer account information exposed to a mere Google search.
The Municipal Bond Insurance Association had just announced its intent to sell Cutwater Holdings LLC when the bond insurer was notified that a server hosting the assets management firm's data had been left open due to a misconfiguration of Oracle Reports pages.
"We have been notified that certain information related to clients of MBIA's asset management subsidiary, Cutwater Asset Management, may have been illegally accessed," said MBIA spokesman Kevin Brown. "We are conducting a thorough investigation and will take all measures necessary to protect our customers' data, secure our systems, and preserve evidence for law enforcement."