But I expect the simplest explanation is, as the article posits:
1) ATT contracts out portions of its business operations to third parties.
2. Those third parties, in the course of their business, require and have access to customer information.
3 - One of those third parties was breached.
#4 ATT may or may not know. (Or may deliberately be not-asking their contractor)
Presto! Security by ignorance!
Given the access to SSNs, I'd assume something to do with private credit scoring.
But I expect the simplest explanation is, as the article posits:
1) ATT contracts out portions of its business operations to third parties.
2. Those third parties, in the course of their business, require and have access to customer information.
3 - One of those third parties was breached.
#4 ATT may or may not know. (Or may deliberately be not-asking their contractor)
Presto! Security by ignorance!
Given the access to SSNs, I'd assume something to do with private credit scoring.