Cyber Incident Victim: Amtel

On April 19, 2023, Amtel, LLC, doing business as Connectivity Source, was alerted to suspicious activity occurring within its computer network. The company, a nationwide T-Mobile retailer based in Houston, Texas, immediately responded by enlisting the assistance of an external cybersecurity firm to conduct an investigation into the incident. The primary objective of this investigation was to determine the nature and scope of the suspicious activity detected on its systems. The cybersecurity firm’s analysis confirmed that the suspicious activity was the result of a cyberattack in which an unauthorized external party had successfully gained access to the company’s IT network.

The investigation further revealed that the unauthorized actor was able to access certain files stored on the compromised network. These files contained highly sensitive personal information belonging to a specific group of individuals, namely current and former employees of Amtel. Following the confirmation that sensitive data had been accessed by an unauthorized party, the company initiated a comprehensive review of the affected files. This process was undertaken to determine precisely which individuals were impacted and what specific types of information were involved in the security incident. The company completed its review of the compromised files on April 21, 2023, just two days after the initial detection of the breach.

The data exposure was not uniform for all affected individuals; however, the investigation concluded that the compromised information included individuals’ names and Social Security numbers. The breach did not impact customer data, as the accessed files were limited to information relating to employees. The total number of individuals affected by this incident was 17,835 current and former employees. Upon completing the review and identifying the affected population, Amtel, LLC began the process of preparing data breach notification letters to inform these individuals of the compromise of their personal information.

On May 10, 2023, Amtel filed an official notice of the data breach with the Attorney General of Maine. This filing served as the public disclosure of the incident and provided the confirmed details regarding the number of affected individuals and the types of data compromised. Concurrently with this regulatory filing, Connectivity Source commenced sending out the individual data breach notification letters to all 17,835 people whose sensitive information had been accessed by the unauthorized party. These letters served to inform the recipients that their names and Social Security numbers were involved in the security breach.

The immediate consequence of the breach was the exposure of highly sensitive personal identifiers, specifically Social Security numbers, which are critical pieces of information used to commit various forms of fraud, including identity theft. The individuals affected were all current and former employees of the company, spanning its operations across 38 states where the company operates hundreds of retail stores. As a retailer generating approximately $115 million in annual revenue, the incident represented a significant data security event for the organization, though the breach was contained to employee data and did not extend to consumer or customer information. The company’s response involved engaging external cybersecurity expertise to investigate the incident, reviewing the compromised files to ascertain the scope, and executing a notification process in compliance with regulatory requirements by informing both the appropriate state authority and the affected individuals directly.