Call center workers cash out on AT&T customer data
Insider attack; Stolen credentials; Unauthorized use of employer’s data; User accounts compromised
At least eight individuals in Florida allegedly were involved in stealing client data to conduct unauthorized wire transfers and obtain payment cards.
At least one was an employee at Interactive Response Technologies, a company that provides staffing for call centers that handle direct sales and customer inquiries for AT&T.
IRT personnel have access to a gold mine of personal information, including names, addresses, e-mail addresses, telephone numbers, Social Security numbers, dates of birth, credit and debit card numbers, credit card verification numbers, personal identity numbers and passwords.
The employee apparently provided accomplices with data from multiple customer files.
Some of the defendants earned money and valuables in return for allowing their names to be listed as “authorized users” on the compromised banking accounts of victims.
“Once a co-conspirator's name was added as an authorized user, the bank or credit card company was directed to mail additional debit or credit cards bearing the names of these newly-added users to their addresses or addresses under their control, without the true account holder's knowledge or consent,”BankSecurityInfo reports.
Three of the suspects used the cards to make purchases and cash advances worth more than $44,200.
ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.
April 7, 2014
Link to report
location of breach
Florida , United States
location of perpetrators
Florida, United States
date breach occurred
date breach detected