In a security breach at AT&T last April, three employees of one of the company’s vendors accessed the telecommunications giant’s customer records — including social security numbers and call records.
AT&T declined to comment on how many customers were affected or why the company waited until now — two months after the fact — to acknowledge it.
Mark Siegel, executive director for media relations, sent a statement via email:
“We recently learned that three employees of one of our vendors accessed some AT&T customer accounts without proper authorization. This is completely counter to the way we require our vendors to conduct business. We know our customers count on us and those who support our business to act with integrity and trust, and we take that very seriously. We have taken steps to help prevent this from happening again, notified affected customers, and reported this matter to law enforcement.”
This article originally appeared on Recode.net.