Hackers breaking into the data centers of large companies have been increasing in the past years. One of the latest incidents involves AT&T and affects more than 500 of its customers. The carrier announced that the breach occurred between April 9 and April 21 with the hackers gaining access to personal information such as Social Security numbers and dates of birth. It appears that the culprits are company employees working in behalf of third party smartphone unlocking providers.
While the company didn’t make any announcements as to how many of its customers are affected there is an existing California law that requires companies to notify all of its customers in case the security breach affects at least 500 people. The carrier announced that “We have taken steps to help prevent this from happening again,We are notifying affected customers, and we have reported this matter to law enforcement.”
Unlike other security breaches where hackers steal credit card information this latest breach is different as hackers wanted to steal the personal information of customers to commit fraud, specifically to unlock old and used phones. An email that the carrier sent to its customers states that “AT&T believes the employees accessed your account as part of an effort to request codes from AT&T that are used to ‘unlock’ AT&T mobile phones in the secondary mobile market.”
Unlocking a phone means that it will not be tied to a particular network and instead can be used in any compatible network. This is important if for example you have an AT&T Samsung Galaxy S3 that you would like to use on T-Mobile.
AT&T provides a way for its customers to unlock their phones which can only be done at the end of the two year contract or at the beginning. The procedure is lengthy and has heavy restrictions which is why the hackers may have wanted a shortcut.