T-Mobile pays $31.5 million FCC settlement over 4 data breaches

"With companies like T-Mobile and other telecom service providers operating in a space where national security and consumer protection interests overlap, we are focused on ensuring critical technical changes are made to telecommunications networks to improve our national cybersecurity posture and help prevent future compromises of Americans' sensitive data," Loyaan A. The FCC's Privacy and Data Protection Task Force, established in 2023 by Chairwoman Rosenworcel, played a central role in the investigation and settlement, just as it did when the FCC reached similar settlements with AT&T in September 2024 ($13 million) and Verizon on behalf of its subsidiary TracFone Wireless in July 2024 ($16 million). The April forfeiture orders finalized Notices of Apparent Liability (NAL) issued against AT&T, Sprint, T-Mobile, and Verizon in February 2020 and slapped each of the four carriers with multi-million fines: $12 million for Sprintand $80 million for T-Mobile (the two carriers have merged since the investigation began), more than $57 million for AT&T, and an almost $47 million fine for Verizon. This agreement resolves the FCC Enforcement Bureau investigations into several cybersecurity incidents and resulting data breaches that impacted T-Mobile's customers in 2021, 2022, and 2023 (an API incident and a sales application breach). The Federal Communications Commission (FCC) announced a $31.5 million settlement with T-Mobile over multiple data breaches that compromised the personal information of millions of U.S. consumers. The FCC has also fined the largest U.S. wireless carriers almost $200 million in April 2024 for sharing their customers' real-time location data without their consent. In February, the FCC also updated its data breach reporting rules to require telecom companies to report data breaches impacting their customers' personally identifiable information within 30 days. As part of the settlement, the telecom carrier must invest $15.75 million in cybersecurity enhancements and pay the U.S. Treasury an additional $15.75 million civil penalty.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 30 Sep 2024 19:25:11 +0000


Cyber News related to T-Mobile pays $31.5 million FCC settlement over 4 data breaches

T-Mobile pays $31.5 million FCC settlement over 4 data breaches - "With companies like T-Mobile and other telecom service providers operating in a space where national security and consumer protection interests overlap, we are focused on ensuring critical technical changes are made to telecommunications networks to ...
2 months ago Bleepingcomputer.com
FCC orders telecom carriers to report PII data breaches within 30 days - Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by FCC's updated data breach reporting requirements. FCC's final rule follows several ...
10 months ago Bleepingcomputer.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
2 months ago Aws.amazon.com
T-Mobile reaches $31.5M breach settlement with FCC | TechTarget - "With companies like T-Mobile and other telecom service providers operating in a space where national security and consumer protection interests overlap, we are focused on ensuring critical technical changes are made to telecommunications networks to ...
2 months ago Techtarget.com
Ted Cruz wants to stop the FCC from updating data-breach notification rules - Sen. Ted Cruz and other Republican senators are fighting a Federal Communications Commission plan to impose new data-breach notification requirements on telecom providers. In a letter sent to FCC Chairwoman Jessica Rosenworcel today, the senators ...
1 year ago Arstechnica.com
Critical insights into Australia's supply chain risk landscape - Australian organizations find themselves navigating a minefield of supply chain risks, with a surge in incidents stemming from multi-party breaches. These breaches are often caused by vulnerabilities in cloud or software providers and are emerging as ...
9 months ago Tripwire.com
Tell the FCC It Must Clarify Its Rules to Prevent Loopholes That Will Swallow Net Neutrality Whole - The Federal Communications Commission has released draft rules to reinstate net neutrality, with a vote on adopting the rules to come on the 25th of April. The FCC needs to close some loopholes in the draft rules before then. Net neutrality is the ...
8 months ago Eff.org
AI-generated voices in robocalls now illegal - The ruling, which takes effect immediately, makes voice cloning technology used in common robocall scams targeting consumers illegal. This would give State Attorneys General across the country new tools to go after bad actors behind these nefarious ...
10 months ago Helpnetsecurity.com
FCC partners with four states on privacy and data protection enforcement - The Federal Communications Commission's privacy and data protection task force will begin partnering with four state governments to strengthen enforcement investigations and pool resources, FCC Chairwoman Jessica Rosenworcel announced Wednesday. The ...
1 year ago Therecord.media
FCC proposes 3-year cybersecurity pilot for schools, libraries - Dive Brief: The Federal Communications Commission this week proposed a three-year pilot program to study how the agency's Universal Service Fund can help schools and libraries fight cybersecurity threats. The pilot program, which would cost up to ...
1 year ago Cybersecuritydive.com
Mobile Insecurity: Unmasking the Vulnerabilities in Your Pocket - Mobile devices have become indispensable companions in our daily lives, offering us instant access to a world of information and services. On average, mobile users interact with more than 20 applications each day, making these handheld marvels ...
11 months ago Cyberdefensemagazine.com
Blackbaud Enhances Security Measures Following FTC Settlement - Blackbaud, a major player in U.S. donor data management, recently settled with the Federal Trade Commission after facing scrutiny for a ransomware attack in May 2020. This attack led to a substantial data breach affecting millions of individuals. The ...
10 months ago Cysecurity.news
FCC designates first robocall threat actor under new classification system - The Federal Communications Commission on Monday put an entity it is calling Royal Tiger in its crosshairs for facilitating fraudulent robocalls across international networks, making it the first group targeted through a new threat analysis and ...
7 months ago Therecord.media
FCC reveals Royal Tiger, its first tagged robocall threat actor - The Federal Communications Commission has named its first officially designated robocall threat actor 'Royal Tiger,' a move aiming to help international partners and law enforcement more easily track individuals and entities behind repeat robocall ...
7 months ago Bleepingcomputer.com
FCC adopts lead generation rules to protect consumer privacy - The Federal Communications Commission adopted rules for the Telephone Consumer Protection Act that aim to protect consumers against robocalls and robotexts from lead generation and comparison shopping websites and give consumers the ability to choose ...
11 months ago Techtarget.com
Is Your Organization Infected by Mobile Spyware? - The surge in mobile device usage within organizations has inevitably opened the floodgates to a new kind of cyber threat-mobile spyware. The growing dependence on mobile technology has made it imperative for organizations to recognize and mitigate ...
1 year ago Blog.checkpoint.com
Google To Pay $700m To Consumers In US Antitrust Settlement - Google agrees to pay $700m to US consumers in antitrust settlement with users and states as Epic presses to 'open Android ecosystem'. Google is to pay $700 million and allow more competition in its Play app store as part of an antitrust settlement ...
1 year ago Silicon.co.uk
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
11 months ago Securityboulevard.com
Mobile Device Security: Protecting Your Smartphone - To ensure the safety of your smartphone and protect your personal data from unauthorized access, it is crucial to take proactive steps to enhance mobile device security. Enable device encryption: Enable device encryption on your smartphone to protect ...
10 months ago Securityzap.com
FCC adopts new rules to protect consumers from SIM-swapping attacks - The Federal Communications Commission has revealed new rules to shield consumers from criminals who hijack their phone numbers in SIM swapping attacks and port-out fraud. FCC's Privacy and Data Protection Task Force introduced the new regulations in ...
1 year ago Bleepingcomputer.com
CVE-2023-38297 - An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of ...
7 months ago
The Art of Securing Cloud-Native Mobile Applications - We will explore the dynamic intersection of cloud-native architecture and mobile application security, delving into the strategies and best practices essential for safeguarding sensitive data, ensuring user privacy, and fortifying against emerging ...
1 year ago Feeds.dzone.com
FCC Requires Telecom, VoIP Providers to Report PII Breaches - Starting next month, telecom and VoIP providers will have to issue data breach notifications to customers whenever there's personally identifiable information caught up in a cyber incident. That's according to new rules issued yesterday by the ...
10 months ago Darkreading.com
Data Breaches in US Schools Exposed 37.6M Records - Since 2005, educational institutions in the United States have experienced 3713 data breaches, impacting over 37.6m records. According to new data by Comparitech, 2023 marked a record year, with 954 breaches recorded - a dramatic rise from 139 in ...
7 months ago Infosecurity-magazine.com
Ushering in the Next Phase of Mobile App Adoption: Bolstering Growth with Unyielding Security - In recent years, mobile apps have surged in popularity providing consumers with instant access to a variety of life essentials such as finances, education, and healthcare to life's pleasures such as shopping, sports, and gaming. With the popularity ...
1 year ago Cyberdefensemagazine.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)