AT&T has become the latest multinational company to suffer a data breach after one of its own employees gained access to customer data. The US mobile telecoms giant has started informing around 1,600 customers in Vermont that their personal data was breached in August.
In a letter posted on the Vermont government’s website, AT&T confirmed that a former employee had broken the company’s privacy policy and obtained customer data, including unique customer numbers, social security numbers and driver’s license numbers. AT&T has not said why the employee stole the information or whether he used it for malicious purposes, but it is nevertheless a serious breach and the federal authorities have been informed.
Although this is a smaller incident in comparison to recent cyber-attacks on JPMorgan Chase and iCloud, it is a reminder to IT managers about the dangers of insider data breaches. Whether intentional or not, internal breaches can be equally as damaging as external attacks and IT departments ignore this at their peril. Ensuring that your internal policies and controls are watertight and that employees are educated in data security is just as important as protecting your network from outside cyber-attacks.
Click to Open Code Editor