AT&T Settles for $13 Million Over 2023 Data Breach

The settlement with the FCC resolves allegations of insufficient data protection affecting 8.9 million customers.

AT&T's $13 million settlement addresses a data breach from January 2023 involving a vendor's cloud environment.
The breach exposed Customer Proprietary Network Information (CPNI) of 8.9 million wireless accounts, including names, account numbers, phone numbers, and email addresses.
Despite the breach, sensitive information like credit card details, Social Security numbers, and account passwords were not compromised.
AT&T has committed to enhancing its data governance practices, including implementing a comprehensive Information Security Program and conducting annual compliance audits.
The FCC emphasizes the importance of carriers protecting consumer data, especially in the digital age, and will continue to enforce strict data protection standards.