AT&T pays record $25m fine over customer data thefts Published duration 9 April 2015

image copyright Getty Images image caption The fine is the largest imposed on a company for losing data and violating customer privacy

AT&T has been fined $25m (£17m) over data breaches at call centres in Mexico, Colombia and the Philippines.

Names, social security numbers and customer account details were taken in the series of data thefts that took place in 2013 and 2014.

The details of about 280,000 people were taken during the data breaches.

Call centre staff involved in the breaches used the data to work with criminals peddling stolen phones who needed to unlock handsets.

The US Federal Communications Commission began investigating the breaches in Mexico last May after it was given information about data going missing. Soon after, AT&T passed it information about breaches in other nations.

The investigation revealed that several employees at different call centres had abused their login credentials to steal data that was then used to request codes which could unlock stolen phones. The information was sold on to phone thieves.

AT&T said it had got in touch with all the customers who lost data in the breach. It has also terminated its business deal with the companies that operated the call centres where data was stolen. It added that it had also tightened its policies and procedures to ensure a similar data breach could not occur.

The $25m fine is the largest the FCC has imposed on a company for breaking laws that cover data security and privacy.