AT&T agrees $13 million fine for 2023 data breach

AT&T agrees $13 million fine for 2023 data breach

AT&T store sign 16.9.jpg

AT&T has agreed to pay US$13 million to resolve an investigation over a data breach of a cloud vendor in January 2023.

The breach impacted 8.9 million AT&T wireless customers according to a statement from the Federal Communications Commission (FCC).

Subscribe today for free


The fine will resolve the FCC’s investigation into whether AT&T had failed to protect the information of its data governance practices to increase supply chain integrity in the handling of sensitive data to protect consumers.

The FCC said the data exposed in 2023 covered customers from 2015 to 2017 that should have been deleted in 2017 or 2018.

FCC Chair Jessica Rosenworcel said: "Carriers have a duty to protect the privacy and security of consumer data, and that responsibility takes on new meaning for digital age data breaches."

The FCC continues its investigation into a much larger breach which affected “nearly all” of its wireless customers and MVNOs that use its network.

The company revealed that customer data was illegally downloaded from an AT&T workspace on a third-party cloud platform.

Call and text records between May 1st and October 31st, 2022, were leaked for nearly all of AT&T’s wireless customers, the customers of MVNOs that use its network and AT&T landline customers that interacted with the cellular numbers.

Capacity will explore the impact and response to the AT&T data breach in the next issue of Capacity Magazine.

RELATED STORIES

Nokia signs multi-year AT&T fibre deal

AT&T leak a ‘wake-up call’ for telecoms

AT&T denies cyberattack claims after widespread outage

Gift this article