AT&T agreed to pay a $13 million fine because it gave customer bill information to a vendor in order to create personalized videos, then allegedly failed to ensure that the vendor destroyed the data when it was no longer needed. In addition to the fine, AT&T agreed in a consent decree announced today by the Federal Communications Commission to stricter controls on sharing data with vendors.

In January 2023, years after the data was supposed to be destroyed, the vendor suffered a breach “when threat actors accessed the vendor’s cloud environment and ultimately exfiltrated AT&T customer information,” the FCC said. Information related to 8.9 million AT&T wireless customers was exposed.

Phone companies are required by law to protect customer information, and AT&T should not have merely relied on third-party firms’ assurances that they destroyed data when it was no longer needed, the FCC said.

  • skuzz@discuss.tchncs.deOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 months ago

    Really hope America’s corporate fines are someday impactful in any meaning way. That alone would fix so many problems with the loose morals of those people named “corporation” without having to do much else.

    It’s not even malicious really. It would happen once, and suddenly companies would start acting non-shitty like they sometimes do in history.

    Much less drama too.