Secure Channels CEO Comments on AT&T Breach
Secure Channels Inc. CEO Richard Blech Comments in FierceIT Security Article, 280,000 US customers’ data stolen by overseas AT&T call center employees
FCC slaps record $25M fine on AT&T for ‘lax data security practices’
Employees at overseas AT&T call centers stole the names and Social Security numbers of around 280,000 U.S. customers, according to the Federal Communications Commission (FCC), which fined the wireless carrier a record $25 million for lax data security practices.
The FCC found that personnel at AT&T call centers in Mexico, Colombia and the Philippines stole names and full or partial Social Security numbers of U.S. wireless customers, and also gained unauthorized access to customer proprietary network information (CPNI). This information was sold to third parties who used it to unlock stolen cell phones.
The FCC accused AT&T of “lax data security practices” and said that the $25 million fine was the largest it has levied for a privacy and data security violation. AT&T will also have to inform the customers affected by the breach and provide them with credit monitoring services.
AT&T will also be required to appoint a certified privacy professional as senior compliance manager, conduct a privacy risk assessment, implement an information security program, prepare a privacy compliance manual, and train employees on the company’s privacy policies and privacy laws.
In comments sent to FierceITSecurity about the FCC action, Richard Blech, CEO and co-founder of Secure Channels, concluded: “By outsourcing their call center to foreign countries to save money, AT&T has exposed Americans’ sensitive data to peril. If AT&T had simply budgeted for security as a priority and encrypted their customer’s sensitive data, AT&T’s frugality at hiring outside of the country would have still left Americans sensitive data and privacy protected.”
Find the original article here.
For more articles featuring CEO Richard Blech, visit securechannels.com