Paulina Okunytė reports:
After allegedly paying nearly $400,000 for a ransom in May, AT&T is reaching for its wallet again. This time, it’s to settle a cloud breach investigation led by the FCC.
In a press release on September 17th, 2024, the Federal Communications Commission (FCC) announced a $13 million settlement with AT&T to resolve an Enforcement Bureau investigation into the company’s “supply chain integrity” and “whether it failed to protect” the data of AT&T customers.
In January 2023, the telecom company experienced a massive breach when threat actors accessed the data of approximately nine million AT&T wireless accounts. This data was stored by a vendor contracted to create personalized video content, including billing and marketing videos. The company has not disclosed the vendor involved.
“The Communications Act makes clear that carriers have a duty to protect the privacy and security of consumer data, and that responsibility takes on new meaning for digital age data breaches,” said FCC Chairwoman Jessica Rosenworcel in a press release.
Read more at Cybernews.