20.5k unique visitors in the last 3 days

T‑Mobile US Agrees to USD31.5mn Deal over Data Breach

The US telco has also agreed to strengthen its cybersecurity.

The US Federal Communications Commission (FCC) would like everyone to believe they impose their rules impartially, but it does seem like ‑Mobile US always gets a stiffer punishment for each breach of personal data than their competitors would. Multiple breaches between 2021 and 2023 led the US operator to agree the following sanctions with their regulator.

  • A $15,750,000 civil penalty
  • Another $15,750,000 to be spent on strengthening cybersecurity over the next two years
  • A compliance plan to protect consumers against future data breaches
  • Appointing a Chief Information Security Officer with a regular reporting line to the Board of Directors
  • Implementing a “zero trust” security framework and network segmentation
  • Deploying phishing-resistant multi-factor authentication
  • Adopting data minimization, inventory, and disposal processes
  • Identifying and tracking critical network assets
  • Conducting independent assessments of information security practices of third parties

This sounds like exactly like the kinds of controls that all telcos should have! Perhaps they should have been written into law, instead of written into a court settlement with a specific telco.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email