Sprint: Employee Stole Customer Data
Sprint is warning several thousand customers that a former employee sold or otherwise provided their account data without permission.
In letters sent via snail mail to some customers, Sprint urged recipients to contact customers service and change their existing personal identification number and security question. Turns out, a Sprint employee accessed "multiple customer accounts," between Dec. 2008 and Jan. 2009.
"It appears this employee may have provided customer information to a third party in violation of Sprint policy and state law. We have terminated this employee. The information that may have been compromised includes your name, address, wireless phone number, Sprint account number, the answer to your security question, and the name of the authorized point of contact on your account."
Sprint spokesman Matt Sullivan declined to say how many customers were sent the letters, but said it was less than one percent of its customer base. A woman who answered the phone at the 800 number set up to handle this incident said "several thousand" customers were affected.
The breach may have exposed more sensitive information had Sprint not recently put in place some protections around that data.
"We implemented a billing platform about a year ago that has advanced security features designed to catch things like an employee accessing information that they shouldn't be," Sullivan said. "That platform limits information that employees can access, such as Social Security numbers, and any sort of payment information."
Still, whichever "third party" received the stolen data may still have found ways to turn the information into cash. Michael Fontaine, a 27-year-old Sprint customer from Fall River, Mass., was among those who received the letter. Fontaine said last month someone made a fraudulent claim through Sprint's insurance company to replace his phone, a pricey Mogul smartphone.
"I got dinged for $50 deductible on my bill, but there was never any replacement phone sent," Fontaine said.
March 11, 2009; 2:55 PM ET
Categories: Fraud | Tags: employee data theft, mogul, sprint
Save & Share: Previous: Adobe, Foxit, Ship PDF Reader Security Updates
Next: Microsoft Plugs Eight Windows Security Holes
Posted by: ballgame | March 11, 2009 4:00 PM | Report abuse
Posted by: morningglory51 | March 11, 2009 4:17 PM | Report abuse
Posted by: burtldy | March 13, 2009 11:45 PM | Report abuse
The comments to this entry are closed.