AT&T says hackers accessed customers' cards

tuvor

(1000+ posts) Send PM | Profile | Ignore

Tue Aug-29-06 08:57 PM
Original message

AT&T says hackers accessed customers' cards

SAN FRANCISCO (Reuters) - Hackers broke into one of AT&T Inc.'s computer networks and stole credit card data and other personal information from several thousand customers who shopped at the telecommunication giant's online store.

AT&T said it was notifying "fewer than 19,000" customers whose data was accessed during the weekend break-in, which it said was detected within hours.

The company said it immediately shut down the online store, notified credit card companies, and was working with law enforcement agencies to track down the hackers.

"We recognize that there is an active market for illegally obtained personal information," Priscilla Hill-Ardoin, AT&T's chief privacy officer, said in a statement.

http://news.yahoo.com/s/nm/telecoms_att_data_dc

Printer Friendly | Permalink | | Top

ShockediSay

(1000+ posts) Send PM | Profile | Ignore

Tue Aug-29-06 09:20 PM
Response to Original message

1. First, they turn over our private data (?political prefs?) to BushCo

now this for "fewer than 19,000" *

*phew, for a minute I thought I might have something to worry about

Printer Friendly | Permalink | | Top

Anakin Skywalker

(1000+ posts) Send PM | Profile | Ignore

Tue Aug-29-06 09:21 PM
Response to Original message

2. That's No Worse Than Turning People's

surfing records or whatever the hell it is that AT & T surrendered to the Bush cronies.

Printer Friendly | Permalink | | Top

tuvor

(1000+ posts) Send PM | Profile | Ignore

Tue Aug-29-06 09:22 PM
Response to Reply #2

3. Are you thinking of AOL?

Printer Friendly | Permalink | | Top

Anakin Skywalker

(1000+ posts) Send PM | Profile | Ignore

Tue Aug-29-06 09:29 PM
Response to Reply #3

4. Not Really. I Remember AT & T

was named as one of the corporations that bowed to Homeland Security or another bigwig agency's subpoena to turn over customer records.

Can anyone here back me up? THANKS!

Printer Friendly | Permalink | | Top

regnaD kciN

(1000+ posts) Send PM | Profile | Ignore

Tue Aug-29-06 10:57 PM
Response to Reply #4

6. Initially, Qwest was the only company listed as having refused...

...but it later turned out that several other companies (including, I believe, AT&T) had not released the requested information, either.

Printer Friendly | Permalink | | Top

Anakin Skywalker

(1000+ posts) Send PM | Profile | Ignore

Wed Aug-30-06 05:55 PM
Response to Reply #6

9. Oh OK. Thank you for your info.

Printer Friendly | Permalink | | Top

Mnemosyne

(1000+ posts) Send PM | Profile | Ignore

Tue Aug-29-06 10:16 PM
Response to Original message

5. It's really adding up fast.

Edited on Tue Aug-29-06 10:19 PM by vickiss

snip>

This chronology below begins with Choice Point's 2/15/05 announcement of its data breaches because it was a watershed event in terms of disclosure to the affected individuals. Since then, the "best practice" has been to disclose breaches to individuals nationwide -- in a sense, adopting California's notice requirement nationally.

Feb. 15, 2005
Choice Point
(Alpharetta, GA)

Bogus accounts established by ID thieves 145,000

Feb. 25 , 2005
Bank of America
(Charlotte, NC)

Lost backup tape

1,200,000

Last update, does not include thefts since
Aug. 26, 2006 PortTix
(Portland, ME) Credit card information for about 2,000 people who ordered tickets online through PortTix was accessed by someone who hacked into the Web site. PortTix is Merrill Auditorium's ticketing agency. The Web site was secured as of Aug. 24. 2,000

snip>

many, many, many more thefts at link:

http://www.privacyrights.org/ar/ChronDataBreaches.htm

TOTAL number of records containing sensitive personal information involved in security breaches 90,997,002

I repeat:

90,997,002

U.S. pop. 2005 - 299,600,604; about one in three of us affected.

I wonder if these thefts are world-wide?

World 6,540,767,771

TIA lives.

Printer Friendly | Permalink | | Top

Emit

(1000+ posts) Send PM | Profile | Ignore

Wed Aug-30-06 02:53 AM
Response to Original message

7. On a related note...

The following is from last week:

AT&T Services Inc. Files Suit to Bar Data Brokers from Unauthorized Access to Customer Data
~snip~

San Antonio, Texas, August 23, 2006

AT&T Services Inc. filed suit in federal court today to block some two dozen so-called data brokers from accessing customer information without authorization from the company or the customer.

"We're taking this action on behalf of our customers," said Priscilla Hill-Ardoin, chief privacy officer for AT&T. "We intend to vigorously pursue these individuals who, through fraud, have attempted to obtain unauthorized access to customer information."

~snip~

The suit filed today in the San Antonio Division of the U.S. District Court for the Western District of Texas, names 25 "John Doe" defendants who have used fraudulent means to gain access to AT&T's business records containing confidential customer information, including calling-record information.

~snip~

The lawsuit is designed to provide the company with the legal process to use e-mail addresses and Internet Protocol addresses to identify the perpetrators, and pursue an injunction to bar such activity, as well as seek damages.

Hill-Ardoin said that an AT&T internal investigation identified about 2,500 customers as possible victims of data brokers. The customers involved have already been notified and access to their online accounts frozen for their protection.

~snip~

In a process known as pretexting, data brokers pose as the customer to gain confidential information. The perpetrators set up unauthorized online accounts by supplying private customer-identifying information. The online account provides access to the customer's AT&T account information � including recent calling history.

Earlier this year, pretexting and data-brokering became the subject of extensive government investigation and lawsuits when it was disclosed that private investigators and other data brokers were selling detailed calling records and other customer information obtained under fraudulent conditions.

Citing the Computer Fraud and Abuse Act and statutes regarding Harmful Access by Computer and Fraud, AT&T's suit seeks an immediate injunction to halt the unauthorized parties from accessing customer information or sharing it with any third party. The suit also seeks the return of any confidential customer information that the perpetrators may have in their possession, return of any profits the perpetrators derived and monetary damages.

Cont'd: http://att.sbc.com/gen/press-room?pid=5097&cdvn=news&newsarticleid=22513

Printer Friendly | Permalink | | Top

Sherman A1

(1000+ posts) Send PM | Profile | Ignore

Wed Aug-30-06 03:31 AM
Response to Original message

8. The hits just keep comin'

AT&T is just another bungle-fest corporation that cares not one wit for it's customers. At best it is a game of "let's pretend we care" and when something bad happens we will make noise like we care until it blows over. Executives should be held responsible, lose their jobs if they are not doing their jobs, fined and jailed (in a nice federal facility on the island of Cuba, where they can work on their tans).

Printer Friendly | Permalink | | Top

DU AdBot (1000+ posts)

Fri Apr 19th 2024, 12:41 PM
Response to Original message

Advertisements [?]

Top

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.