Extract from Dan Clark’s article “Following Data Breach, In-House Counsel Should Review Company Email Policies”
The diverse amount of personally identifiable information that may be compromised when employee email accounts are hacked should force in-house counsel to reconsider policies and procedures surrounding email use, according to experts in the wake of a recent T-Mobile USA Inc. data breach.
Over the weekend, Bellevue, Washington-based T-Mobile, a month before it is expected to merge with Sprint Corp., announced on its website that an attack on one of its email vendors allowed hackers to gain access to “certain T-Mobile employee email accounts.” T-Mobile was able to determine that the email addresses compromised contained customer names, addresses, phone numbers, account numbers, rate plans and billing information. The company said in its notice that credit card and Social Security information was not compromised. It is not clear how many customers were impacted or how many email addresses the hackers had access to.