(CNBC) — AT&T data breaches exposed about 280,000 U.S. customers' names and full or partial Social Security numbers, the government said.
The company agreed to pay a $25 million civil penalty to settle an Federal Communications Commission investigation into the consumer privacy violations, the agency said Wednesday.
The breaches occurred at call centers used by AT&T in Mexico, Colombia, and the Philippines when employees accessed sensitive customer data without adequate authorization. Those employees took payment from third parties who were apparently interested in customer names and Social Security numbers so they could unlock stolen cell phones for sale on secondary markets, the FCC said.
Advertisement - story continues below