AT&T has warned customers of a security breach in which three contracted workers accessed personally identifiable information like customer names and Social Security numbers.
These workers were authorized to access AT&T’s customer information, but not for these purposes. Apparently they were intent on finding the correct information needed to “unlock” cell phones.
The good news? All reports indicate that the criminals were truly most interested in unlocking stolen phones.
The bad news? Because Social Security numbers were accessed, AT&T users affected by the company’s latest data breach should take steps to protect their identity, such as placing an alert on their credit report to watch for fraud.
What Does ‘Unlocking’ Mean?
AT&T is one cellular service provider that allows its customers to “unlock” their phones from AT&T’s network in order to switch to a new service provider. This is actually a very generous policy on the part of the phone company, because it means a customer whose service contract has expired is free to take his phone to another company without having to purchase a new one or sign a contract to receive a discounted phone. However, in order to “unlock” his phone from the network, the customer must be able to provide all of his secure data to the AT&T representative who is assisting him. This prevents thieves from stealing a phone, calling the company to unlock it, and initiating service elsewhere.
The company believes the contractors were attempting to steal the necessary information to unlock previously stolen phones by looking up those specific customers’ accounts. Unfortunately, that information includes addresses, Social Security numbers, and more, so the threat of a full identity theft is still possible.
Identity Theft Risks
What makes this data breach most troubling is the exposure of Social Security numbers. Credit card data breaches, for example, can lead to financial identity theft and fraud. But once a consumer knows that their card has been used fraudulently, they can cancel the card and get a new one.
But when a Social Security number is exposed, there is the potential for serious identity theft to occur.
Although AT&T is offering its affected customers one-year paid access to a credit monitoring service in light of the loss of personal information, identity theft isn’t a simple issue. The ability of identity thieves to continue to use the Social Security number to open up new lines of credit is a life-long problem. Put simply, a year of credit monitoring is not going to be sufficient to help victims.
That being said, let’s hope that the purposes of these specific thieves were to just “unlock” cell phones and not for more nefarious purposes.