At-Bay Helps Telecom Company After Rogue Employee Compromises Data
When an employee of an $80 million telecommunications marketing company used existing customer names and social security numbers to fraudulently enroll new clients and boost sales, the company faced an information privacy event that required breach coach services and notifications to affected clients.
Unexpected Attacker Poses Consumer Risk
A telecom company offering broadband marketing solutions was blind-sided by an employee who abused access to customer data for personal financial gain. The company learned this when a customer reported that they had received a bill for their services with an incorrect name. The suspicious statement sparked an internal investigation with their quality assurance team.
The team discovered that the employee fraudulently used the names and social security numbers of existing customers to enroll new customers whose credit history otherwise would not have qualified them for the service. Each newly approved service at the employee’s request was a case of identity theft in exchange for commission. The incident revealed that secure personnel protocols are as important as network security protocols, as cyber risk encompasses a broad range of privacy violations.
Credit Monitoring and Notification Costs Covered by At-Bay
Once the company notified At-Bay of the claim, the company engaged a breach coach to assist in determining the extent of the compromised customer data and advise on the company’s legal notification obligations.
At-Bay’s cyber policy covers the notification and credit monitoring costs for the affected individuals. The claims team acted quickly to confirm coverage, and arm the company with the resources it needed to appropriately respond to this incident. This swift response from the claims team significantly reduced the chances of additional damage to consumers and penalties from regulatory agencies.