AT&T hack exposes 19,000 identities

By Joris Evers
Staff Writer, CNET News

Print
E-mail
Share

Related Stories: Auditor loses McAfee employee data
February 23, 2006; Visa deals with possible data breach
December 24, 2005; Separating myth from reality in ID theft
October 24, 2005

AT&T on Tuesday said hackers broke into one of its computer systems and accessed personal data on thousands of customers who used its online store.

The information that was illegally accessed includes credit card numbers, AT&T said in a statement. The cyberattack affects about 19,000 customers who purchased equipment for high-speed DSL Internet connections through AT&T's Web site, the company said.

"We deeply regret this incident," Priscilla Hill-Ardoin, chief privacy officer for AT&T, said in the statement. "We will work closely with law enforcement to bring these data thieves to account."

The break-in occurred over the weekend and was discovered within hours, after which the online store was shut down, AT&T said. The telecommunications company quickly notified credit card companies and is in the process of contacting the affected customers via e-mail, phone and letter, it said.

The incident is the latest in a long string of data security breaches. Since early last year, more than 90 million personal records have been exposed in dozens of incidents, according to information compiled by the Privacy Rights Clearinghouse.

AT&T is offering to pay for credit monitoring services for customers whose accounts have been impacted because they could be at risk of identity fraud. The company also has made available a toll-free number to affected customers to call for more information.

See more CNET content tagged:
AT&T Corp., online store, incident, data security, credit card

Add a Comment (Log in or register) 14 comments

The New AT&T

by als August 29, 2006 7:03 PM PDT

Your world. Delivered.

Reply to this comment

...
by dondarko August 29, 2006 9:43 PM PDT: Your world. Delivered. Along with your personal information. To the crooks.

Digital Age
by MattFatt August 29, 2006 9:59 PM PDT: This is yet another example of why there is no such thing as privacy in the digital age. When you go to a web site and accept a privacy policy, whatever, it means nothing. It just gives you a false sense of security and allows the vendor to give you the illusion, that your personal and/or credit card information is safe...Yeah, right. Unfortunately, by definition, there is no way to fully protect digital info. It's something we all acknowledge (knowingly or not) once we click the accept button.; Reply to this comment

I'm Safe
by dragonbite August 30, 2006 5:17 AM PDT: Because they keep offering all these "deals" but don't extend their range that 1,000 feet to my street!?!; Reply to this comment

Taking the right steps
by Nkully86 August 30, 2006 6:22 AM PDT: Now I won't get into the security policies that allowed this hacker into the AT&T facilities, however they did take all the necessary steps to help thier potentially affected customers. Giving their customers free credit monitoring is a huge step, especially when the U.S. Government decided to take it away from their potentially affected vets.
http://www.techknowbizzle.com/2006/07/times-getting-even-tougher-for-vets.html

Also, taking charge and contacting credit card companies themselves shows the kind of devotion that other affected companies/organizations should take. While these continuing breaches are still not a good sign, it is good that companies are finally manning up and taking the right steps to help their customers get back on the right track.
http://www.essentialsecurity.com/Documents/article17.htm; Reply to this comment

Prompt action
by patruga August 30, 2006 8:09 AM PDT: AT&T should be commended for their prompt action. Usually you hear about these things for weeks or months later.

Damned if I can understand how any of these companies (ATT, Verizon, Citibank etc.) allow a system design that is so easily compromised. I can understand "in process" transactions being compromised, but why have a database with completed transactions available for external access? I am sure I am not seeing the whole techie picture, but if a server/database is offline you can't get to it; keep them offline till you do your billing. There has got to be a better way of securing customer data!; Reply to this comment

AT&T should be held liable for these kind of breaches

by omerfr August 30, 2006 8:27 AM PDT

When Companies like AT&T can cover their behinds by revising their terms and conditions to indicate that user data is AT&T property and they can do whatever they choose with it, its only fair for us as consumers to protect ourselves on this.

Ultimately if our identities are stolen and our credits affected - these same companies will treat us as untouchables.

There should be legislation to enforce liabilities for these kind of breaches.

Reply to this comment

Legislation is not the answer
by patruga August 30, 2006 11:05 AM PDT: While I agree with most of what you have said, legislation is not the answer. As a matter of fact, you could end up a lot worse since it (legislation) would more than likely be crafted in favor of big business. Better data security is the answer, and yes we (consumers)will have to pay more to get it. Thanks to a few crooked members of society.; View reply
Processing

It was only a matter of time...

by btljooz August 30, 2006 12:33 PM PDT

...before these types of '[i]breaches[/i]' started happening. This is why I have [b]NEVER[/b] shopped [u]ANYwhere[/u] but brick & mortar stores. I don't, and [b]NEVER[/b] shop online or TV!

Unfortunately, these types of '[i]breaches[/i]' are on the upswing from other databases, too. It [u]will[/u] only be a matter of time before we [b][u]ALL[/u][/b] have our personal information exposed for anyone to use as they please. :(

Reply to this comment

Think Brick & Morter is secure?
by slobignat May 23, 2007 6:24 AM PDT: What makes you think that a card transaction at a brick and morter store is not retained? It has to go through a card processor and then to the issuing bank. Trust me, your info is in several databases which can be compromised.

Maybe we all have to go back to cash!

Credit is only half the problem
by paulej August 30, 2006 2:23 PM PDT: When a criminal gets your ID, he can do far worse than screw up your credit. In my case, a guy got a driver's license in Indiana. For the past 4 years, I've lived with the constant threat of being arrested for driving with a suspended license that isn't even mine! Indiana only threatens to put me in jail when I ask them to fix it! ID theft can be very bad. See my story: http://www.arid.us/silverman/; Reply to this comment

Oh well
by heystoopid August 30, 2006 3:10 PM PDT: Oh well, looks like it's time for Eliot Spitzer and co, to kick some corporate butt, for these are either true slackers or absolute disciples of the "Peter Principle", for allowing such breaches to occur in the first place!

So much window dressing in corporate mission statements these days!; Reply to this comment

"Deeply Regret"
by ss_Whiplash September 1, 2006 6:52 AM PDT: I am so sick of people saying this. "I deeply regret xyz". So what? What does that mean? It means you regret the fact that you are a idiots and now you have to deal with bad press.

Does anyone actually say "I'm sorry, I screwed up", anymore?; Reply to this comment

Latest tech news headlines

Q&A: What's ahead for Visual Studio and .Net
Posted in News - Business Tech by Adrian Bridgwater

November 22, 2008 6:10 AM PST
Lifestreaming in Obamaland
Posted in Outside the Lines by Dan Farber

November 21, 2008 11:59 PM PST
Judge orders Ballmer to testify in Vista suit
Posted in Beyond Binary by Ina Fried

November 21, 2008 7:35 PM PST
See all headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets: Market news, charts, SEC filings, and more; Related quotes; Dow Jones Industrials (6.54%) 494.13 8,046.42; S&P 500 (6.32%) 47.59 800.03; NASDAQ (5.18%) 68.23 1,384.35; CNET TECH (5.95%) 56.25 1,002.00

Inside CNET News

Scroll Left Scroll Right

Business Tech
Q&A: What's ahead for Visual Studio and .Net
Microsoft's Jason Zander and Matt Carter talk tools and set out the company's manifesto for data democracy.
Gallery
Photos: Gadgets we're thankful for, Part 1
Military Tech
Army backs Hydrogen Highway
US Army has awarded a $1.8 million contract to develop hydrogen filling stations.
Outside the Lines
Lifestreaming in Obamaland
The technologies that helped Obama reach the White House are going to make the president-elect's life more transparent and scrutinized than any previous White House occupant.
Video
The BlackBerry Storm touches down
Digital Media
MySpace Music to name Courtney Holt chief next week
The lengthy CEO search at MySpace Music is finally coming to an end. Now let's see what the new guy can do against Apple.
Video
SF Bay Area plugs in
Politics and Law
The key to innovation: Privately owned fiber?
A paper released by the New America Foundation proposes encouraging consumers to purchase their own fiber lines.
Cutting Edge
Water ice glaciers spotted on Mars
NASA scientists find what they believe are huge water ice glaciers sitting just beneath the Martian surface.
Gallery
Photos: Top-rated reviews of the week
Crave
This week in Crave
Didn't have time to follow Crave this week? Here's what you need to know to be the belle of the gadget ball.
Green Tech
Google crunches numbers on clean-energy policy
Search giant pressures policy makers with an analysis arguing that government and business can clean the U.S. energy supply while stimulating the economy.