AT&T has informed about 1,600 customers that a rogue employee had accessed account information that might have included Social Security numbers and other personal data.
AT&T said the employee had failed to follow its privacy rules and no longer works for the company.
The Dallas-based company said the employee also might have had access to driver's license numbers and information about the types of services the customer purchased. AT&T said it's offering free credit monitoring and has notified federal authorities. A copy of the letter to customers was posted online by Vermont's Attorney General's Office.
The August data breach is among the latest disclosed by a major company. Unlike others, though, this one affected a small number of people and resulted from unauthorized access by an insider rather than hacking.