Hackers breached AT&T Mobility and stole social security numbers and call records. AT&T won't say why it waited a month to notify affected customers, and that's a major concern, according to CIO.com blogger Bill Snyder. Data breaches are an all-too-common fact of modern life. They can’t always be avoided, but when a major company is hit, its customers have every right to be notified immediately. So why did AT&T Mobility take at least one month to notify its wireless customers that their personal data, including social security numbers and call records, had been exposed? Plenty of reporters, including me, have asked the company to explain the delay. It hasn’t. The company now acknowledges that the breach occurred two months ago. It says it learned about the situation in May and eventually sent letters to the customers at risk. The breach took place between April 9 and April 21, 2014, but wasn’t disclosed until last week in a filing with the California Public Utilities Commission. While AT&T wouldn’t say how many customers were affected, state law requires such disclosures if an incident affects at least 500 customers in California. Here’s what AT&T spokesman Mark Siegel said in a statement that was emailed to reporters: “We recently learned that three employees of one of our vendors accessed some AT&T customer accounts without proper authorization,” the company said in a statement…This is completely counter to the way we require our vendors to conduct business. We know our customers count on us and those who support our business to act with integrity and trust, and we take that very seriously. We have taken steps to help prevent this from happening again, we are notifying affected customers, and we have reported this matter to law enforcement,” it said. The company was a bit more forthcoming in the letter it mailed to customers. It said the breach was related to the codes used to unlock a cell phone and the associated services. Locked cell phones can only be used on the networks of the carriers that sell them; once unlocked, they can be used on any compatible network. What steams me is the delay in notifying customers. The longer someone’s personal data is out there, the more opportunities there are for fraud. Most companies swallow their embarrassment and quickly notify customers. P.F. Chang’s China Bistro, a popular chain restaurant, learned last Tuesday that its defenses had been breached, and by Friday the company had notified customers. As quick as that was, one of my colleagues had to deactivate a number of credit cards he’d used at the restaurant because bogus charges had already appeared on his accounts. Seriously? P.F. Chang’s can handle a data breach better than one of the largest telecommunications companies in the world? Shame on you, AT&T. I simply don’t understand why the company waited so long. What’s more important than guarding the security of its customers? My advice: Don’t recycle the next piece of snail mail you get from AT&T until you read it. Related content BrandPost The future of trust—no more playing catch up Broadcom: 2023 Tech Trends That Transform IT By Eric Chien, Director of Security Response, Symantec Enterprise Division, Broadcom Mar 31, 2023 5 mins Security BrandPost TCS gives Blackhawk Network an edge with Microsoft Cloud In this case study, Blackhawk Network’s Cara Renfroe joins Tata Consultancy Services’ Rakesh Kumar and Microsoft’s Nilendu Pattanaik to explain how TCS transformed the gift card company’s customer engagement and global operati By Tata Consultancy Services Mar 31, 2023 1 min Financial Services Industry Cloud Computing IT Leadership BrandPost How TCS pioneered the ‘borderless workspace’ with Microsoft 365 Microsoft’s modern workplace solution proved a perfect fit for improving productivity and collaboration, while maintaining security of systems and data. By Tata Consultancy Services Mar 31, 2023 1 min Financial Services Industry Microsoft Cloud Computing BrandPost Supply chain decarbonization: The missing link to net zero By improving the quality of global supply chain data, enterprises can better measure their true carbon footprint and make progress toward a net-zero business ecosystem. By Tata Consultancy Services Mar 31, 2023 2 mins Retail Industry Supply Chain Green IT Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe