"AT&T Vendor Data Breach Exposed 9 Million Customer Accounts"

AT&T customer data was exposed in January through a third-party vendor that had been hacked.  The company noted that the breach affected around nine million customer accounts.  The breached data included basic personal information but no financial data or Social Security numbers.  The data that AT&T had provided to the marketing vendor, which had been exposed, was mostly related to device upgrade eligibility.  It included basic personal information like customer names, account numbers, phone numbers, and email addresses, as well as the number of lines on the account, devices used, and installment agreement information.  AT&T noted that the exposed data didn't include Social Security numbers, credit card information, account passwords, or "other sensitive information."  The data set was also several years old.  AT&T said that its own systems were not breached and that it was notifying customers who had been affected. 

CNET reports: "AT&T Vendor Data Breach Exposed 9 Million Customer Accounts"