This week, the FCC fined AT&T $13 million following a data breach that compromised 8.9 million customer records. Poor data security and a failure to enforce data deletion by a third-party vendor led to this significant violation.
A significant data breach at AT&T, impacting nearly all wireless customers, has exposed call and text message records. The 2022 breach highlights vulnerabilities in telecommunication security, emphasizing the need for VoIP engineers to implement robust measures.
Australia’s Communications and Media Authority has initiated legal proceedings against Optus, the nation’s second-largest telecommunications provider, following a significant data breach in 2022. The ACMA has taken the matter to the Federal Court, accusing Optus of failing to secure its customers’ personal data, thereby breaching the Telecommunications (Interception and Access) Act of 1979.
In a significant security incident, US telecom giant Verizon suffered a serious data breach impacting over 63,000 workers. Despite occurring last September, the leak wasn’t detected until December. Delving into the possible causes reveals potential insider wrongdoing. With the exposed data consisting of extensive personal details, Verizon claims that it hasn’t been shared externally yet. As the company probes into the breach, it offers its affected staff credit monitoring and identity theft protection for two years.
In an unprecedented move, China has taken decisive action against personal data breaches, closing a staggering number of cases while also unveiling draft laws to regulate facial recognition technology. Over the past three years, Chinese law enforcement has effectively shut down 36,000 instances of personal data violations, leading to the detention of 64,000 suspects, as per the Ministry of Public Security. These efforts are part of a broader initiative launched in 2020 to govern online activities, resulting in the seizure of more than 30 million SIM cards and 300 million “illegal” internet accounts.
Ofcom falls victim to Clop ransomware attack, compromising personal data of 412 employees and confidential information of regulated companies. The breach exposes vulnerabilities in MOVEit software, prompting industry-wide reevaluation of cybersecurity measures.
Meta was fined €265 million by Irish regulators on Monday. This is the company’s latest penalty for violating rigorous European Union data privacy regulations. According to the Data Protection Commission (DPC), Meta Platforms Inc. violated parts of the EU’s General Data Protection Regulation (GDPR), which require technological and organizational measures to secure user data. The authority began looking into press reports that user data for more than 533 million people was discovered to have been leaked online last year. This information was detected on a website for hackers, and includes names, Facebook IDs, phone numbers, residences, birthdates and email addresses of individuals from more than 100 different countries. The DPC investigation discovered that Meta’s Facebook Search, Facebook Messenger Contact Importer and Instagram Contact Importer capabilities did not adhere to GDPR rules between May 25, 2018 and September 19, 2019. According to Meta, the information was “scraped”…
In late July, Samsung Electronics experienced a cybersecurity incident that resulted in the exposure of personal data of some American customers. The business said it discovered the data breach on August 4. Samsung claims that the customers’ social security numbers and credit card numbers were unaffected, but information such as names, contact information, demographic information, date of birth, and product registration information was compromised. Samsung has already issued a warning to impacted consumers to be on the lookout for phishing emails that attempt to obtain additional personal data. These emails may be used for identity theft or to deceive recipients into installing malware on their computers. The business did not, however, address how many consumers were impacted or why it took Samsung more than a month to alert customers regarding this breach, which was reported only hours before a Labor Day weekend in the United States. …
T-Mobile, the third-largest carrier in the United States, that has recently completed a $26 billion merger with Sprint, announced that it had experienced a second data breach in December, 2020. The security breach may have revealed call-related information and phone numbers of some of its customers. According to the company, it recently discovered illegal access to some customer account information, including data that T-Mobile collects on its customers when considering the provision of mobile services. However, the company reported that the information affected by the violation did not include the customer’s account names, physical or email addresses, financial data, credit card information, social security numbers, tax IDs, passwords or PINs. The information accessed by hackers is known as Customer Proprietary Network Information (CPNI). This data can include call records, such as when the call was made, how long it lasted, the caller’s phone number and destination phone numbers,…
The UK’s Information Commissioner’s Office (ICO) has issued Facebook a penalty notice requiring the payment of £500,000 due to “a very serious data incident”. The fine is the maximum that can be imposed under the United Kingdom’s Data Protection Act 1998, which was the ruling document when the incidents occurred. “We considered these contraventions to be so serious we imposed the maximum penalty under the previous legislation. The fine would inevitably have been significantly higher under the GDPR. One of our main motivations for taking enforcement action is to drive meaningful change in how organisations handle people’s personal data,” commented the UK’s Information Commissioner, Elizabeth Denham. The data breach incidents occurred between 2007 and 2014, when Facebook failed to properly monitor the developers using the Facebook platform to build apps, and allowed them access to user information without clear consent. This particular case concerned Aleksandr Kogan and his…