Coming on the heels of the recent breach at restaurant chain P.F. Chang’s, AT&T states that a third-party vendor managed to expose personal data for an untold number of customers earlier this year. According to a letter AT&T sent to its customers, the breach was caused by a service that unlocks cell phones for its customers. The company believes the service only caused the breach as a means of spoofing customer identities in order to unlock phones. AT&T states that the data was accessed between April 19th and 21st, and have since taken steps to prevent it from happening again. “We recently learned that three employees of one of our vendors accessed some AT&T customer accounts without proper authorization,” said AT&T in a statement sent to PhoneScoop. “This is completely counter to the way we require our vendors to conduct business.”
AT&T recently confirmed that a third-party contractor violated its security protocols and accessed customer data, including Social Security numbers and call records. The breach occurred between April 9 and April 21, but was only revealed by AT&T this week. The persons involved in the breach were employed by a service that unlocks cell phones. AT&T said in a statement provided to customers that it believes their records were only accessed by the vendor employees to help facilitate the unlocking process. “We recently learned that three employees of one of our vendors accessed some AT&T customer accounts without proper authorization,” said AT&T in a statement. “This is completely counter to the way we require our vendors to conduct business. We know our customers count on us and those who support our business to act with integrity and trust, and we take that very seriously. We have taken steps to help prevent this from happening again, and we have reported this matter to law enforcement.” AT&T would not say how many customers were affected, but has already alerted them via email. California law requires problems like this to be reported when more than 500 customers are involved. AT&T didn’t say if the breach was limited to its customers in California or if the breach was more widespread. AT&T has more than 100 million customers across the U.S.