AT&T employee responsible for major data breach

A letter was reportedly sent out to 1,600 customers who have may have had their SSN stolen

Financial trends and news by Steven Loeb
October 7, 2014
Short URL:

(Updated with comment from AT&T)

You know something is wrong when something that was once unthinkable suddenly starts to become commonplace. The best example I can give of this are school shootings; they happen so often now that often the news won't even cover them. And, the way things are going, I fear that we are going to get to the same place with data breaches (not that I am in any way conflating the two things, I was just using an example).

I swear, barely a week goes by these days before yet another big company, be in tech or in retail, reveals that it has had its data stolen. 

The latest victim: one of the world's largest mobile carriers AT&T. The breach was revealed in a letter, which was posted on the website of the Attorney General of Vermont. It was sent from Michael Chiaramonte, AT&T's director of finance billing operations, to a number of AT&T customers.

The incident has to be especially embarrassing for the company, as it revealed that it was actually one of its own employees that was responisble.

"AT&T's committment to customer proviacy and and data security are top priorities, and we take those committments very seriously. We recently determined that one of our employees violated our strict privacy and security guidelines by accessing your account without authorization in August 2014, and while doing so, would have been able to view and may have obtained your account information including your social security number and your driver's license number," the letter said.

In addition, the employee could have also gained access to the user's Customer Propriatary Network Information (CPNI), which is data collected by telecommunication companies regarding the calls their customers make. That can include the time, date, duration, and destination number of each call made.

The indivdual who was responsible, AT&T says, has been fired. (This seems like the least that should happen to them, no? Perhaps an arrest could be made as well?)

The company is also urging its customers to place fraud alerts on their credit cards, and to change their passcodes.

While AT&T does not incidate in the letter exactly how many people were affected, Reuters is reporting that the letter was sent out to 1,600 customers. 

"We take our customers’ privacy very seriously and value the trust they have in us. Unfortunately, we recently learned that one of our employees did not follow our strict privacy rules and inappropriately obtained some customer information. This individual no longer works at AT&T and we are directly contacting the limited number of affected customers," an AT&T spokesperson told VatorNews regarding the incident. 

Recent data breaches

As I said before, data breaches are all too common now. 

Just last week JP Morgan revealed that it was hacked, potentially affecting the data of 76 million households and 7 million businesses. A couple of weeks ago Home Depot admitted it was breached in an attack that may have affected up to 56 million credit cards at risk. 

In August, Chinese hackers were able to access the patient names, addresses, birth dates, telephone numbers and social security numbers of roughly 4.5 million patients who had been referred to Community Health Systems in the last five years.

Of course the most infamous data breach in recent memory was the one that hit Apple's iCloud in September, allowing the entire world to see the unclothed bodies of Hollywood stars that included Jennifer Lawrence, Kate Upton and Kirsten Dunst.

TwitterFacebookZendeskMicrosoftEvernoteSnapchatSkypeBitly. and Stubhub are just a few of the other companies that have been targets in the last year or so.

We have put to much of our trust, and our information online. This is seriously coming back to bite us, and hard.

(Image source: