AT&T has agreed to a $13 million settlement after a Federal Communications Commission (FCC) investigation revealed a data breach that impacted nearly 9 million customers. The breach, which occurred between 2015 and 2017, exposed sensitive account information through a cloud vendor. Although no Social Security numbers, credit card details, or passwords were leaked, the breach did reveal customer data such as the number of lines on accounts and bill balances.
The FCC’s investigation found that AT&T had not done enough to secure customer data. The settlement resolves the legal dispute over whether AT&T failed to meet its obligations in protecting its customers’ personal information. In addition to paying the fine, AT&T has committed to improving its data governance practices, particularly focusing on how it works with third-party vendors to safeguard customer information.
AT&T emphasized that while its internal systems were not compromised, the company is making changes to strengthen the way it handles sensitive data. The company will also be imposing stricter requirements on its vendors to prevent future breaches.
FCC Chair Jessica Rosenworcel highlighted the importance of protecting consumer data in today’s digital world, stating that companies have a duty to ensure the privacy and security of the information they collect from customers. The case underscores the growing concern over data breaches and the need for stricter protections.
The $13 million fine is a reminder of the risks companies face if they fail to protect customer data, especially as digital threats continue to evolve.