• August 30, 2006
  • By Coreen Bailor, (former) Associate Editor, CRM Magazine

Hackers Hit AT&T Customers

Yet another well recognized organization has fallen victim to a security breach, potentially compromising some of its customer base. AT&T disclosed on Tuesday that hackers broke into a computer system and accessed personal data, including credit card information, from about 19,000 customers who purchased DSL equipment through its online store. The security breach occurred over the weekend, but was discovered within hours, according to the telco behemoth. The Web store immediately was shut down. The company is notifying the several thousand affected customers via phone, email, and letter, and is providing these customers with a toll-free number to call for more information. The company will also pay for credit monitoring services for them. AT&T notified the major credit card companies whose customer accounts were involved, and is working with law enforcement to investigate the incident and pursue the hackers, according to the company. Published reports indicate that AT&T's DSL equipment online store was the only company site that was hacked; DSL service subscribers weren't impacted, nor was AT&T's online store that sells telephones, although that store was shut down as a precautionary measure. "We recognize that there is an active market for illegally obtained personal information. We are committed to both protecting our customers' privacy and to weeding out and punishing the violators," Priscilla Hill-Ardoin, chief privacy officer for AT&T, said in a statement. "We deeply regret this incident and we intend to pay for credit monitoring services for customers whose accounts have been impacted. We will work closely with law enforcement to bring these data thieves to account." Just last Wednesday AT&T Services filed suit in the San Antonio Division of the U.S. District Court for the Western District of Texas to block 25 "John Doe" defendants from gaining access to customer information without authorization from the company or customer. AT&T contends that the defendants have used fraudulent tactics to access AT&T's customer information, including call records. An AT&T internal investigation identified about 2,500 customers as possible victims of data brokers, according to the company. The company added that the customers involved have been notified and access to their online accounts has been frozen for their protection. Companies must be ready to inform customers how they are affected and how it can correct the problem when it comes to a major security incident, says Dennis Gonier, CEO of customer experience research and services firm TARP Worldwide. Gonier goes on to say that most important is that companies set up "a direct path for communication if there are further questions or issues. A 'case' strategy is needed here-that is, the company should try to channel the customer to the same Representative for continuity. Regardless, the contact center must have the ability to know the history of the customer's previous contacts." Related articles: Data Security Measures: An Increasing Concern For Contact Centers
Sprint Nextel Fights Data Bandits, Again Marriott Vacation Club Time Shares Customer Data
CRM Covers
for qualified subscribers
Subscribe Now Current Issue Past Issues