- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Kyle Brasseur2023-01-20T16:39:00
The Federal Communications Commission (FCC) launched an investigation into T-Mobile after the telecommunications giant disclosed it suffered yet another significant cybersecurity lapse exposing customer information.
T-Mobile said in a filing with the Securities and Exchange Commission on Thursday that a bad actor used a single application programming interface to obtain the data of approximately 37 million current postpaid and prepaid customer accounts. The company said it found no evidence the bad actor breached or compromised its systems and that it shut the issue down within 24 hours of identifying it on Jan. 5.
Affected information included names, billing addresses, email addresses, phone numbers, dates of birth, and T-Mobile account numbers and features. No passwords or financial information were exposed, according to the company.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec. Select an option and click continue.
Annual Membership $499 Value offer
Full price one year membership with auto-renewal.
Membership $599
One-year only, no auto-renewal.
T-Mobile, which experienced three huge data breaches in the past three years, agreed to pay $31.5 million in penalties and remediation for failing to protect millions of its customers’ personal information as part of a settlement with the Federal Communications Commission.
The Federal Communications Commission fined telecommunications giants T-Mobile, Sprint, AT&T, and Verizon a total of approximately $196 million for allegedly selling customers’ location data to third parties without consent.
The Federal Communications Commission announced the launch of a new task force to coordinate privacy and data protection efforts at the agency, which oversees a telecommunications industry often targeted by cybercriminals.
USAA Federal Savings Bank has been hit with its third cease and desist order from the Treasury Department’s Office of the Comptroller of the Currency in the past five years for failing to correct unsafe and unsound banking practices.
Becton Dickinson medical device company will pay $175 million for “repeatedly” misleading investors about its Alaris infusion pump, a product the company knew was flawed and was sold without the required patient-safety approvals, the Securities and Exchange Commission said.
The Securities and Exchange Commission charged bankrupt fashion retailer Express with failing to disclose nearly $1 million in perks to a former chief executive, but did not levy a financial penalty thanks to its cooperation, the SEC said.
