FCC Requires Telecom, VoIP Providers to Report PII Breaches

Starting next month, telecom and VoIP providers will have to issue data breach notifications to customers whenever there's personally identifiable information caught up in a cyber incident.
That's according to new rules issued yesterday by the Federal Communications Commission, which will now also require carriers and service providers to report breaches to the FCC, the FBI, and the Secret Service within seven days of discovery.
The Commission's definition of PII is broad and encompasses not only names, contact information, dates of birth, and Social Security numbers, but also biometrics and a slew of other data.
Previously, the FCC required customer notifications only when Customer Proprietary Network Information data was impacted; CPNI can be thought of as phone bill information, i.e., subscription plan data, usage charges, numbers called or messaged, and so on.
The last update to the FCC's breach reporting requirements was 16 years ago.
Most recently, a Verizon insider threat breach revealed earlier this month exposed information for tens of thousands of employees; T-Mobile saw three different customer breaches in 2023; and a vendor breach last March led to the exposure of data for 9 million AT&T wireless customers.


This Cyber News was published on www.darkreading.com. Publication date: Tue, 13 Feb 2024 21:50:08 +0000


Cyber News related to FCC Requires Telecom, VoIP Providers to Report PII Breaches

FCC orders telecom carriers to report PII data breaches within 30 days - Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by FCC's updated data breach reporting requirements. FCC's final rule follows several ...
8 months ago Bleepingcomputer.com
The 5 Best VoIP Routers (Wired, Wireless, and Mesh) - As a VoIP router, it has everything you need, including redundant WAN ports for failover and load balancing, country-based QoS to prioritize VoIP traffic, outage reporting, VLAN traffic separation, support for various VPN connections, and LTE backup ...
1 month ago Techrepublic.com
FCC Requires Telecom, VoIP Providers to Report PII Breaches - Starting next month, telecom and VoIP providers will have to issue data breach notifications to customers whenever there's personally identifiable information caught up in a cyber incident. That's according to new rules issued yesterday by the ...
8 months ago Darkreading.com
T-Mobile pays $31.5 million FCC settlement over 4 data breaches - "With companies like T-Mobile and other telecom service providers operating in a space where national security and consumer protection interests overlap, we are focused on ensuring critical technical changes are made to telecommunications networks to ...
1 month ago Bleepingcomputer.com
Ted Cruz wants to stop the FCC from updating data-breach notification rules - Sen. Ted Cruz and other Republican senators are fighting a Federal Communications Commission plan to impose new data-breach notification requirements on telecom providers. In a letter sent to FCC Chairwoman Jessica Rosenworcel today, the senators ...
10 months ago Arstechnica.com
What's next on the horizon for telecommunications service providers? A look at 2024 with Red Hat. - In 2023, Red Hat met with so many customers and partners - from industry event interactions and individual meeting rooms to cross country visits and late-night service calls, we've learned so much from our trusted ecosystem. Now, service providers ...
9 months ago Redhat.com
Critical insights into Australia's supply chain risk landscape - Australian organizations find themselves navigating a minefield of supply chain risks, with a surge in incidents stemming from multi-party breaches. These breaches are often caused by vulnerabilities in cloud or software providers and are emerging as ...
7 months ago Tripwire.com
Tell the FCC It Must Clarify Its Rules to Prevent Loopholes That Will Swallow Net Neutrality Whole - The Federal Communications Commission has released draft rules to reinstate net neutrality, with a vote on adopting the rules to come on the 25th of April. The FCC needs to close some loopholes in the draft rules before then. Net neutrality is the ...
6 months ago Eff.org
AI-generated voices in robocalls now illegal - The ruling, which takes effect immediately, makes voice cloning technology used in common robocall scams targeting consumers illegal. This would give State Attorneys General across the country new tools to go after bad actors behind these nefarious ...
8 months ago Helpnetsecurity.com
FCC partners with four states on privacy and data protection enforcement - The Federal Communications Commission's privacy and data protection task force will begin partnering with four state governments to strengthen enforcement investigations and pool resources, FCC Chairwoman Jessica Rosenworcel announced Wednesday. The ...
11 months ago Therecord.media
FCC designates first robocall threat actor under new classification system - The Federal Communications Commission on Monday put an entity it is calling Royal Tiger in its crosshairs for facilitating fraudulent robocalls across international networks, making it the first group targeted through a new threat analysis and ...
5 months ago Therecord.media
HackersEra Launches Telecom Penetration Testing to Eliminate Cyber Threats - Cybercriminals have attacked telecom infrastructure, particularly as it shifts to an IP-based design with the introduction of Long-Term Evolution networks, also referred to as LTE or 4G. Persistent attackers could spy on users' cellular networks and ...
10 months ago Cysecurity.news
FCC reveals Royal Tiger, its first tagged robocall threat actor - The Federal Communications Commission has named its first officially designated robocall threat actor 'Royal Tiger,' a move aiming to help international partners and law enforcement more easily track individuals and entities behind repeat robocall ...
5 months ago Bleepingcomputer.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
FCC proposes 3-year cybersecurity pilot for schools, libraries - Dive Brief: The Federal Communications Commission this week proposed a three-year pilot program to study how the agency's Universal Service Fund can help schools and libraries fight cybersecurity threats. The pilot program, which would cost up to ...
11 months ago Cybersecuritydive.com
FCC adopts lead generation rules to protect consumer privacy - The Federal Communications Commission adopted rules for the Telephone Consumer Protection Act that aim to protect consumers against robocalls and robotexts from lead generation and comparison shopping websites and give consumers the ability to choose ...
9 months ago Techtarget.com
T-Mobile reaches $31.5M breach settlement with FCC | TechTarget - "With companies like T-Mobile and other telecom service providers operating in a space where national security and consumer protection interests overlap, we are focused on ensuring critical technical changes are made to telecommunications networks to ...
1 month ago Techtarget.com
Preventing PII Leakage through Text Generation AI Systems - Do an online search for ways to bypass text generation AI security filters, and you will find page after page of real examples and recommendations on how one can trick them into giving you information that was supposed to be blocked. This remains ...
10 months ago Securityboulevard.com
Accused data peddler faces prison for running fraud op The Register - A Baltimore man faces a potential maximum 20-year prison sentence after being charged for his alleged role in running an online service that sold personal data which was later used for financial fraud. An underground TLO service is based on the idea ...
9 months ago Theregister.com
Data Breaches in US Schools Exposed 37.6M Records - Since 2005, educational institutions in the United States have experienced 3713 data breaches, impacting over 37.6m records. According to new data by Comparitech, 2023 marked a record year, with 954 breaches recorded - a dramatic rise from 139 in ...
5 months ago Infosecurity-magazine.com
FCC adopts new rules to protect consumers from SIM-swapping attacks - The Federal Communications Commission has revealed new rules to shield consumers from criminals who hijack their phone numbers in SIM swapping attacks and port-out fraud. FCC's Privacy and Data Protection Task Force introduced the new regulations in ...
11 months ago Bleepingcomputer.com
Apple: 2.5B Records Exposed, Marking Staggering Surge in Data Breaches - An Apple-commissioned report this week has highlighted once again why analysts have long recommended the use of end-to-end encryption to protect sensitive data against theft and misuse. The report is based on an independent study of publicly reported ...
10 months ago Darkreading.com
AI-Powered Robocalls Banned Ahead of US Election - The US Federal Communications Commission has introduced a ban on robocalls that contain voices generated by AI to protect US voters from spamming ahead of the November presidential election. Callers must obtain prior express consent from the called ...
8 months ago Infosecurity-magazine.com
CVE-2021-31340 - A vulnerability has been identified in SIMATIC RF166C (All versions > V1.1 and < V1.3.2), SIMATIC RF185C (All versions > V1.1 and < V1.3.2), SIMATIC RF186C (All versions > V1.1 and < V1.3.2), SIMATIC RF186CI (All versions > V1.1 ...
2 years ago
CVE-2024-37995 - A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions ...
1 month ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)