AT&T has reached a $13 million settlement with the Federal Communications Commission (FCC) after a data breach involving a third-party vendor exposed sensitive customer information. The breach, which impacted 8.9 million customers between 2015 and 2017, revealed details like account balances and the number of lines on each account, but it did not include Social Security numbers or passwords.
Following the investigation, the FCC found that AT&T had not sufficiently protected its customers’ personal information. The settlement not only resolves the legal dispute but also commits AT&T to improving its data governance practices. This includes strengthening security protocols with its vendors to prevent future breaches.
AT&T emphasized that while its internal systems were not breached, the company recognizes the need for stronger data protection. As part of its response, AT&T will enhance its vendor oversight and tighten its data management policies to ensure better security for customer information.
FCC Chair Jessica Rosenworcel noted that in today’s digital age, companies must go above and beyond to protect customer data. This settlement sends a message to other telecom providers about the importance of maintaining strong data security measures.
The $13 million fine and AT&T’s commitment to improving its security practices are seen as steps toward restoring customer confidence in how their information is managed.