AT&T is notifying customers after discovering that a rogue employee was accessing customer information improperly. The employee, who has since had their employment terminated, would have been able to access customers’ name, account information, including SSN and driver’s license number, and CPNI (Customer Proprietary Network Information).
From the wording of the notification letter, it sounds as though the information may have been misused, as AT&T writes that “To the extent this activity results in any unauthorized charges or changes to your account, they have been or will be reversed.”
Affected customers are being offered credit protection services through CSID.
The total number of customers being notified was not disclosed in the notification letter.