The Office of Inadequate Security
WASHINGTON, September 30, 2024—The Federal Communications Commission today announced a groundbreaking data protection and cybersecurity settlement with T-Mobile to resolve the Enforcement Bureau’s investigations into significant data breaches that impacted millions of U.S. consumers. To settle the investigations, T-Mobile has agreed to important forward-looking commitments to address foundational security flaws, work to improve cyber hygiene,…
DPA reports: French news agency Agence France-Presse (AFP) has been hit by a cyberattack, the agency said in a statement on Saturday. The attack on AFP’s IT system, which partly affected transmission technology to customers, was discovered on Friday. It is unclear who was behind the attack. AFP’s technical department, assisted by the National Cybersecurity…
Natasha Lomas reports: Reset your clocks: Meta has been hit with yet another privacy penalty in Europe. On Friday, Ireland’s Data Protection Commission (DPC) announced a reprimand and a €91 million fine — around $101.5M USD at current exchange rates — after concluding a multi-year investigation into a 2019 security breach by Facebook’s parent company. […]…
What do you do when you have suffered an embarrassing data breach, your attacker(s) are taunting and criticizing you publicly, and some of your data has already been leaked? This month, DataBreaches notes that two victims in different countries are both seeking court injunctions in the hope that they can get stolen data removed from…
Tara Seals reports: A freshly discovered advanced persistent threat (APT) dubbed “Salt Typhoon” has reportedly infiltrated Internet service provider (ISP) networks in the US, looking to steal information and potentially set up a launchpad for disruptive attacks. Citing “people familiar with the matter,” the Wall Street Journal broke the news on Sept. 25 that the Chinese-sponsored state…
Several days ago, Cybernews claimed “exclusive research” that they headlined by claiming, “One-third of the US population’s background info is now public.” DataBreaches pointed out that their reporting was missing important details. DataBreaches wrote: Unfortunately, they fail to clearly report when they discovered the leak, whether or when they contacted the entity to alert them…