AT&T has reached a $13 million settlement with the Federal Communications Commission (FCC) after an investigation into a data breach that affected 8.9 million customers. The breach, which occurred between 2015 and 2017 through a cloud vendor, exposed sensitive information such as the number of lines on accounts and bill balances. Fortunately, more critical details like Social Security numbers and account passwords were not leaked.
The FCC investigation concluded that AT&T had failed to protect its customers’ personal information, leading to the breach. To resolve the matter, AT&T has not only agreed to pay the hefty fine but has also pledged to improve its data governance practices, particularly in managing third-party vendors who handle customer data.
AT&T clarified that its internal systems were not involved in the breach but acknowledged the need for more robust data security measures. As part of the settlement, the company will be taking additional steps to ensure better protection of customer information in the future.
FCC Chair Jessica Rosenworcel stressed the significance of this case, pointing out that companies have a duty to protect consumer data, especially as digital breaches become more frequent. The $13 million fine is a clear signal of the growing responsibility telecom companies face in safeguarding sensitive customer data.
AT&T’s efforts to improve its data handling practices will be closely watched, as the company seeks to restore trust with its customers and ensure future compliance with privacy laws.
