FCC probing T-Mobile after latest cyber incident affects 37M
By 
Kyle Brasseur2023-01-20T16:39:00
The Federal Communications Commission (FCC) launched an investigation into T-Mobile after the telecommunications giant disclosed it suffered yet another significant cybersecurity lapse exposing customer information.
T-Mobile said in a filing with the Securities and Exchange Commission on Thursday that a bad actor used a single application programming interface to obtain the data of approximately 37 million current postpaid and prepaid customer accounts. The company said it found no evidence the bad actor breached or compromised its systems and that it shut the issue down within 24 hours of identifying it on Jan. 5.
Affected information included names, billing addresses, email addresses, phone numbers, dates of birth, and T-Mobile account numbers and features. No passwords or financial information were exposed, according to the company.
Related articles
-
News BriefT-Mobile reaches $31.5M settlement with FCC over multiple data breaches
T-Mobile, which experienced three huge data breaches in the past three years, agreed to pay $31.5 million in penalties and remediation for failing to protect millions of its customers’ personal information as part of a settlement with the Federal Communications Commission.
-
News BriefFCC finalizes $196M in fines against telecoms for sharing location data
The Federal Communications Commission fined telecommunications giants T-Mobile, Sprint, AT&T, and Verizon a total of approximately $196 million for allegedly selling customers’ location data to third parties without consent.
-
News BriefFCC forms consumer data privacy task force
The Federal Communications Commission announced the launch of a new task force to coordinate privacy and data protection efforts at the agency, which oversees a telecommunications industry often targeted by cybercriminals.
More from Regulatory Enforcement
-
ArticleGeorgia Tech to pay $875,000 for allegations brought by compliance officers
Georgia Tech Research Corp. (GTRC) has agreed to pay $875,000 to settle allegations first raised by two compliance officers that its cybersecurity protocols violated acceptable standards for defense contractors, the Department of Justice (DOJ) said.
-
ArticleTractor Supply Company hit with $1.35M fine for alleged California privacy violations
Tractor Supply Company has agreed to get into compliance with California’s consumer privacy law and to pay a $1.35 million fine—the largest yet by California—to settle allegations it violated the privacy rights of customers and job applicants.
-
Basic PageLuminUltra fined $685K by BIS for illegal shipment to Iran
A single $33,000 shipment to Iran triggered a six-figure penalty and years of compliance oversight for biotechnology company LuminUltra Technologies, Inc.