By Ovunc Kutlu
ISTANBUL (AA) - American telecommunications firm AT&T has agreed to pay $13 million for a data breach of a cloud environment last year, the Federal Communications Commission (FCC) said Tuesday.
The US agency said in a statement that threat actors exfiltrated AT&T customer information from the vendor’s cloud environment in January 2023.
The investigation examined whether AT&T failed to protect customer information and engaged in unreasonable privacy, cybersecurity and vendor management practices in connection with the breach, it added.
AT&T, in addition, has committed to strengthening its data governance practices to increase its supply chain integrity in order to resolve the investigation, it noted.
"The Communications Act makes clear that carriers have a duty to protect the privacy and security of consumer data, and that responsibility takes on new meaning for digital age data breaches," said FCC Chairwoman Jessica Rosenworcel.
"Carriers must take additional precautions given their access to sensitive information, and we will remain vigilant in ensuring that’s the case no matter which provider a customer chooses."
AT&T’s stock price posted a 2.22% loss Tuesday on the New York Stock Exchange.