FCC Requires Telecom, VoIP Providers to Report PII Breaches

Starting next month, telecom and VoIP providers will have to issue data breach notifications to customers whenever there's personally identifiable information caught up in a cyber incident.
That's according to new rules issued yesterday by the Federal Communications Commission, which will now also require carriers and service providers to report breaches to the FCC, the FBI, and the Secret Service within seven days of discovery.
The Commission's definition of PII is broad and encompasses not only names, contact information, dates of birth, and Social Security numbers, but also biometrics and a slew of other data.
Previously, the FCC required customer notifications only when Customer Proprietary Network Information data was impacted; CPNI can be thought of as phone bill information, i.e., subscription plan data, usage charges, numbers called or messaged, and so on.
The last update to the FCC's breach reporting requirements was 16 years ago.
Most recently, a Verizon insider threat breach revealed earlier this month exposed information for tens of thousands of employees; T-Mobile saw three different customer breaches in 2023; and a vendor breach last March led to the exposure of data for 9 million AT&T wireless customers.

This Cyber News was published on www.darkreading.com. Publication date: Tue, 13 Feb 2024 21:50:08 +0000

Cyber News related to FCC Requires Telecom, VoIP Providers to Report PII Breaches

FCC orders telecom carriers to report PII data breaches within 30 days - Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by FCC's updated data breach reporting requirements. FCC's final rule follows several ...
2 years ago Bleepingcomputer.com

The 5 Best VoIP Routers (Wired, Wireless, and Mesh) - As a VoIP router, it has everything you need, including redundant WAN ports for failover and load balancing, country-based QoS to prioritize VoIP traffic, outage reporting, VLAN traffic separation, support for various VPN connections, and LTE backup ...
1 year ago Techrepublic.com

FCC Requires Telecom, VoIP Providers to Report PII Breaches - Starting next month, telecom and VoIP providers will have to issue data breach notifications to customers whenever there's personally identifiable information caught up in a cyber incident. That's according to new rules issued yesterday by the ...
2 years ago Darkreading.com

T-Mobile pays $31.5 million FCC settlement over 4 data breaches - "With companies like T-Mobile and other telecom service providers operating in a space where national security and consumer protection interests overlap, we are focused on ensuring critical technical changes are made to telecommunications networks to ...
1 year ago Bleepingcomputer.com

Ted Cruz wants to stop the FCC from updating data-breach notification rules - Sen. Ted Cruz and other Republican senators are fighting a Federal Communications Commission plan to impose new data-breach notification requirements on telecom providers. In a letter sent to FCC Chairwoman Jessica Rosenworcel today, the senators ...
2 years ago Arstechnica.com

Tell the FCC It Must Clarify Its Rules to Prevent Loopholes That Will Swallow Net Neutrality Whole - The Federal Communications Commission has released draft rules to reinstate net neutrality, with a vote on adopting the rules to come on the 25th of April. The FCC needs to close some loopholes in the draft rules before then. Net neutrality is the ...
1 year ago Eff.org

What's next on the horizon for telecommunications service providers? A look at 2024 with Red Hat. - In 2023, Red Hat met with so many customers and partners - from industry event interactions and individual meeting rooms to cross country visits and late-night service calls, we've learned so much from our trusted ecosystem. Now, service providers ...
2 years ago Redhat.com

AI-generated voices in robocalls now illegal - The ruling, which takes effect immediately, makes voice cloning technology used in common robocall scams targeting consumers illegal. This would give State Attorneys General across the country new tools to go after bad actors behind these nefarious ...
2 years ago Helpnetsecurity.com

FCC partners with four states on privacy and data protection enforcement - The Federal Communications Commission's privacy and data protection task force will begin partnering with four state governments to strengthen enforcement investigations and pool resources, FCC Chairwoman Jessica Rosenworcel announced Wednesday. The ...
2 years ago Therecord.media

Critical insights into Australia's supply chain risk landscape - Australian organizations find themselves navigating a minefield of supply chain risks, with a surge in incidents stemming from multi-party breaches. These breaches are often caused by vulnerabilities in cloud or software providers and are emerging as ...
1 year ago Tripwire.com

FCC adopts new rule targeting robocalls - The Federal Communications Commission (FCC) has adopted a new rule aimed at combating the persistent issue of illegal robocalls. This regulatory measure enhances the FCC's authority to take swift action against entities that use robocalls to defraud ...
4 months ago Therecord.media

FCC designates first robocall threat actor under new classification system - The Federal Communications Commission on Monday put an entity it is calling Royal Tiger in its crosshairs for facilitating fraudulent robocalls across international networks, making it the first group targeted through a new threat analysis and ...
1 year ago Therecord.media

FCC reveals Royal Tiger, its first tagged robocall threat actor - The Federal Communications Commission has named its first officially designated robocall threat actor 'Royal Tiger,' a move aiming to help international partners and law enforcement more easily track individuals and entities behind repeat robocall ...
1 year ago Bleepingcomputer.com

HackersEra Launches Telecom Penetration Testing to Eliminate Cyber Threats - Cybercriminals have attacked telecom infrastructure, particularly as it shifts to an IP-based design with the introduction of Long-Term Evolution networks, also referred to as LTE or 4G. Persistent attackers could spy on users' cellular networks and ...
2 years ago Cysecurity.news Inception

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
2 years ago Esecurityplanet.com

FCC proposes 3-year cybersecurity pilot for schools, libraries - Dive Brief: The Federal Communications Commission this week proposed a three-year pilot program to study how the agency's Universal Service Fund can help schools and libraries fight cybersecurity threats. The pilot program, which would cost up to ...
2 years ago Cybersecuritydive.com

FCC adopts lead generation rules to protect consumer privacy - The Federal Communications Commission adopted rules for the Telephone Consumer Protection Act that aim to protect consumers against robocalls and robotexts from lead generation and comparison shopping websites and give consumers the ability to choose ...
2 years ago Techtarget.com

FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches - In January, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against Sichuan Juxinhe Network Technology, a Chinese cybersecurity firm believed to be directly involved in the Salt Typhoon telecom ...
10 months ago Bleepingcomputer.com

FCC Plans Vote to Rescind Biden-Era Ruling on Telecoms Cybersecurity - The Federal Communications Commission (FCC) is preparing to vote on rescinding a Biden-era ruling that mandated enhanced cybersecurity measures for telecommunications companies. This move signals a shift in regulatory approach towards telecom ...
4 months ago Therecord.media

T-Mobile reaches $31.5M breach settlement with FCC | TechTarget - "With companies like T-Mobile and other telecom service providers operating in a space where national security and consumer protection interests overlap, we are focused on ensuring critical technical changes are made to telecommunications networks to ...
1 year ago Techtarget.com

Preventing PII Leakage through Text Generation AI Systems - Do an online search for ways to bypass text generation AI security filters, and you will find page after page of real examples and recommendations on how one can trick them into giving you information that was supposed to be blocked. This remains ...
2 years ago Securityboulevard.com

Accused data peddler faces prison for running fraud op The Register - A Baltimore man faces a potential maximum 20-year prison sentence after being charged for his alleged role in running an online service that sold personal data which was later used for financial fraud. An underground TLO service is based on the idea ...
2 years ago Theregister.com

25 Best Cloud Service Providers (Public and Private) in 2025 - Oracle Cloud offers a variety of services, including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS), to help organizations build, deploy, and run applications in the cloud. Oracle Cloud is a cloud ...
9 months ago Cybersecuritynews.com

FCC adopts new rules to protect consumers from SIM-swapping attacks - The Federal Communications Commission has revealed new rules to shield consumers from criminals who hijack their phone numbers in SIM swapping attacks and port-out fraud. FCC's Privacy and Data Protection Task Force introduced the new regulations in ...
2 years ago Bleepingcomputer.com Scattered Spider

AI-Powered Robocalls Banned Ahead of US Election - The US Federal Communications Commission has introduced a ban on robocalls that contain voices generated by AI to protect US voters from spamming ahead of the November presidential election. Callers must obtain prior express consent from the called ...
2 years ago Infosecurity-magazine.com