Computer hackers went after a big fish during
the weekend, stealing credit card information
belonging to 19,000 customers of
, officials said Tuesday.
The thieves hacked into a site that
sells DSL equipment used by high-speed Internet
shut down the site and immediately took
steps to notify the customers and protect them
from identity theft, spokesman
"Everyone will get a letter," Sharp said.
"The majority already have gotten an e-mail, and
those for whom we did not have an e-mail
address, there are phone calls being made."
Although he offered no geographic breakdown,
Sharp said Oklahoma customers were almost
certainly among those whose information was
The company will pay for credit monitoring
and is suggesting customers contact their credit
card companies as well,
"We have already taken the step of notifying
the credit card companies involved," he said.
"We are suggesting they get in touch with their
credit card companies and put a fraud alert on
their records and keep a close eye on their
AT&T discovered the unauthorized electronic
access within hours after it took place and shut
down the site, which is operated by a vendor,
immediately, he said.
The fact that a huge corporate entity such as
AT&T was hacked is not unusual, said
Brad Thomas, vice president of technology at
Perimeter Technology Center.
"My perspective is there isn't any company
that is immune to this type of break-in,"
Thomas said. "Certainly you would expect the
highest level of security would be put in place.
But if someone wants the data bad enough ... the
whole premise (of security) is to make the cost
of getting to the data more than the data is
"There is no such thing as fool-proof
Forensic teams and law enforcement are
working to determine how the theft occurred and
who was responsible,
AT&T's online store for DSL equipment was
the only company site infiltrated by the
hackers, he said. Subscribers to DSL service
were not affected.
Sharp said the company's online store
selling telephones was not affected but was shut
down also as a precaution.
Beth Givens, director of the
Privacy Rights Clearinghouse, a
California-based nonprofit, said her group has
tallied more than 170 publicly disclosed
security breaches nationwide of sensitive
personal information so far this year.
A Texas law enacted last year mandates that
companies disclose such security breaches to the