Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

Verizon Settles $16M FCC Lawsuit

July 24, 2024
Reading Time: 3 mins read
in News
Verizon Settles $16M FCC Lawsuit

Verizon Communications has agreed to a significant $16 million settlement with the Federal Communications Commission (FCC) following a series of data breaches at its subsidiary, TracFone Wireless. The breaches, which occurred between 2021 and 2023, exposed sensitive customer information, including personally identifiable information (PII) and customer proprietary network information (CPNI). This settlement addresses the fallout from three separate incidents that led to unauthorized access to customer data and raised serious concerns about the security of TracFone’s systems.

The first breach, known as the ‘Cross-Brand’ incident, was self-reported by TracFone on January 14, 2022, after the company discovered the breach in December 2021. The investigation revealed that threat actors had exploited vulnerabilities related to authentication and APIs, gaining access to customer data since January 2021. This unauthorized access led to numerous unauthorized number porting requests, further compromising customer security. TracFone’s failure to promptly address these vulnerabilities allowed attackers to exploit these weaknesses extensively.

Following this, two additional breaches involved TracFone’s order websites and were reported on December 20, 2022, and January 13, 2023. In these incidents, unauthenticated threat actors exploited a vulnerability to access order information and other customer data. Despite initial attempts to block the attacks, the attackers employed multiple methods to circumvent security measures. TracFone ultimately implemented a long-term fix for the underlying vulnerabilities by February 2023, but the breaches had already raised significant concerns about the company’s data security practices.

Under the terms of the settlement, Verizon is mandated to implement comprehensive data security measures by February 28, 2025. This includes developing and adhering to a rigorous information security program to address API vulnerabilities, implementing secure authentication for SIM changes and port-out requests, and notifying customers of such requests. Additionally, Verizon will conduct annual information security assessments and engage in independent third-party evaluations every two years to ensure the effectiveness and maturity of its security measures. Annual employee privacy and security awareness training will also be mandated to enhance the company’s capability to protect customer data and adhere to security protocols. These measures aim to strengthen TracFone’s data security infrastructure and prevent future breaches, thereby reinforcing customer trust and compliance with regulatory standards.

Reference:

  • Verizon Agrees to $16M Settlement Over TracFone Data Breaches and Failures
Tags: Cyber NewsCyber News 2024Cyber threatsCybersecurityData BreachesFCCFederal Communications CommissionJuly 2024TracFone WirelessVerizon Communications
ADVERTISEMENT

Related Posts

Police Dismantle Crypto Fraud Ring

Police Dismantle Crypto Fraud Ring

September 30, 2025
Police Dismantle Crypto Fraud Ring

UK Arrests Suspect In RTX Ransomware

September 30, 2025
Police Dismantle Crypto Fraud Ring

Police Seize 439 Million In Cybercrime

September 30, 2025
UK Police Seize 5.5 Billion In Bitcoin

UK Police Seize 5.5 Billion In Bitcoin

September 30, 2025
UK Police Seize 5.5 Billion In Bitcoin

Interpol Cracks Down On African Scams

September 30, 2025
UK Police Seize 5.5 Billion In Bitcoin

National Cyber Authorities Release OT Guide

September 30, 2025

Latest Alerts

Hackers Target Libraesva Email Flaw

ShadowV2 Botnet Targets Misconfigured AWS

Cisco Warns Of IOS Zero Day Bug

CISA Warns Of Critical Sudo Flaw

Cybercriminals Use Facebook Google Ads

Fake Microsoft Teams Installers Spread

Subscribe to our newsletter

    Latest Incidents

    Ukrainian Hackers Breach Crimean Servers

    Ransomware Gang Claims Maryland Breach

    Arizona School District Data Breach

    Attackers Take Down Asahi Brewer

    Harrods Alerts Customers To Breach

    Hackers Steal Photos From Kido Nursery

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial