FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data

Credit to Author: BrianKrebs| Date: Mon, 29 Apr 2024 20:56:42 +0000

The U.S. Federal Communications Commission (FCC) today levied fines totaling nearly $200 million against the four major carriers — including AT&T, Sprint, T-Mobile and Verizon — for illegally sharing access to customers’ location information without consent.

Read more

Kroll Employee SIM-Swapped for Crypto Investor Data

Credit to Author: BrianKrebs| Date: Fri, 25 Aug 2023 18:05:10 +0000

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks. Cryptocurrency lender BlockFi and the now-collapsed crypto trading platform FTX each disclosed data breaches this week thanks to a recent SIM-swapping attack targeting an employee of Kroll — the company handling both firms’ bankruptcy restructuring.

Read more

Why You Should Opt Out of Sharing Data With Your Mobile Provider

Credit to Author: BrianKrebs| Date: Mon, 20 Mar 2023 14:47:56 +0000

A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection. Here’s a primer on why you might want to do that, and how. Certain questions might be coming to mind right now, like “What the heck is CPNI?” And, ‘If it’s so ‘customer proprietary,’ why is AT&T sharing it with marketers?” Also maybe, “What can I do about it?” Read on for answers to all three questions.

Read more

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Credit to Author: BrianKrebs| Date: Tue, 28 Feb 2023 16:14:57 +0000

Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device.

Read more

A week in security (January 23—29)

Categories: News

Tags: T-Mobile

Tags: ransomware

Tags: Microsoft

Tags: TikTok

Tags: privacy

Tags: Data Privacy Day 2023

Tags: Data Privacy Week 2023

Tags: Malwarebytes 2023 State of Mobile Cybersecurity

Tags: Riot Games

Tags: VASTFLUX

Tags: Grand Theft Auto 5

Tags: iPhone

Tags: vRealize

Tags: video game fish

Tags: credit cart theft

Tags: DuoLingo

Tags: K-12

Tags: Vice Society

Tags: Hive ransomware

The most interesting security related news from the week of January 23-19.

(Read more…)

The post A week in security (January 23—29) appeared first on Malwarebytes Labs.

Read more