After months of being told “it wasn’t us,” and pointing the finger at everyone from clever hackers to Apple Store employees, AT&T has finally admitted that an employee at one of its vendors is responsible for illegally accessing customer accounts. Which vendor? AT&T isn’t saying.
CTwatchdog.com’s George Gombossy has been on this case since December, when an AT&T customer wrote to tell him that her account had been compromised. Her name and address had been changed and five iPhones had been ordered in her name.
At first, the customer said she was told by AT&T CSRs that it appeared to be someone inside the Death Star, but an AT&T rep initially told CTwatchdog that it was “definitely not an inside job,” and that he’d have to print a retraction if he published those allegations.
That’s when the finger was pointed at the Apple Store. Yeah, no luck there.
“They were so adamant that it was Apple since it happened at their stores,” says the victim of the ID theft, “but then AT&T denied they ever said it was Apple.”
Then she says AT&T’s fraud told her last Friday to stop contacting them.
But CTwatchdog obtained a copy of a letter from an AT&T lawyer to the Connecticut Attorney General’s office in which the company admits that the fraud is “connected to the misconduct of an employee of one of AT&T’s service providers located in South Carolina,” and that “the misconduct of this service provider’s employee has impacted many more AT&T customers… AT&T is in the process of finalizing the list of impacted customers, but at this time, it appears that four other Connecticut customers experienced unauthorized activity on their accounts.”
And while AT&T has now apologized and said the company will bear the responsibility for reversing all the charges to affected customers’ accounts, it is not willing to let the public know which of its vendors employed the culprit.
“We can’t provide that information, but we would again note that her employer has suspended her, and she will no longer perform work for AT&T,” a rep for the company tells CTwatchdog.