Threatwatch

Call center workers cash out on AT&T customer data

Insider attack; Stolen credentials; Unauthorized use of employer’s data; User accounts compromised

At least eight individuals in Florida allegedly were involved in stealing client data to conduct unauthorized wire transfers and obtain payment cards.

At least one was an employee at Interactive Response Technologies, a company that provides staffing for call centers that handle direct sales and customer inquiries for AT&T.

IRT personnel have access to a gold mine of personal information, including names, addresses, e-mail addresses, telephone numbers, Social Security numbers, dates of birth, credit and debit card numbers, credit card verification numbers, personal identity numbers and passwords.

The employee apparently provided accomplices with data from multiple customer files.

Some of the defendants earned money and valuables in return for allowing their names to be listed as “authorized users” on the compromised banking accounts of victims.

“Once a co-conspirator's name was added as an authorized user, the bank or credit card company was directed to mail additional debit or credit cards bearing the names of these newly-added users to their addresses or addresses under their control, without the true account holder's knowledge or consent,”BankSecurityInfo reports.

Three of the suspects used the cards to make purchases and cash advances worth more than $44,200.

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.  

sector

Telecommunications

reported

April 7, 2014

reported by

BankInfoSecurity.com

number affected

Unknown

location of breach

Florida , United States

perpetrators

Employees

location of perpetrators

Florida, United States

date breach occurred

Unknown

date breach detected

Unknown