Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

Verizon Settles $16M FCC Lawsuit

July 24, 2024
Reading Time: 3 mins read
in News
Verizon Settles $16M FCC Lawsuit

Verizon Communications has agreed to a significant $16 million settlement with the Federal Communications Commission (FCC) following a series of data breaches at its subsidiary, TracFone Wireless. The breaches, which occurred between 2021 and 2023, exposed sensitive customer information, including personally identifiable information (PII) and customer proprietary network information (CPNI). This settlement addresses the fallout from three separate incidents that led to unauthorized access to customer data and raised serious concerns about the security of TracFone’s systems.

The first breach, known as the ‘Cross-Brand’ incident, was self-reported by TracFone on January 14, 2022, after the company discovered the breach in December 2021. The investigation revealed that threat actors had exploited vulnerabilities related to authentication and APIs, gaining access to customer data since January 2021. This unauthorized access led to numerous unauthorized number porting requests, further compromising customer security. TracFone’s failure to promptly address these vulnerabilities allowed attackers to exploit these weaknesses extensively.

Following this, two additional breaches involved TracFone’s order websites and were reported on December 20, 2022, and January 13, 2023. In these incidents, unauthenticated threat actors exploited a vulnerability to access order information and other customer data. Despite initial attempts to block the attacks, the attackers employed multiple methods to circumvent security measures. TracFone ultimately implemented a long-term fix for the underlying vulnerabilities by February 2023, but the breaches had already raised significant concerns about the company’s data security practices.

Under the terms of the settlement, Verizon is mandated to implement comprehensive data security measures by February 28, 2025. This includes developing and adhering to a rigorous information security program to address API vulnerabilities, implementing secure authentication for SIM changes and port-out requests, and notifying customers of such requests. Additionally, Verizon will conduct annual information security assessments and engage in independent third-party evaluations every two years to ensure the effectiveness and maturity of its security measures. Annual employee privacy and security awareness training will also be mandated to enhance the company’s capability to protect customer data and adhere to security protocols. These measures aim to strengthen TracFone’s data security infrastructure and prevent future breaches, thereby reinforcing customer trust and compliance with regulatory standards.

Reference:

  • Verizon Agrees to $16M Settlement Over TracFone Data Breaches and Failures
Tags: Cyber NewsCyber News 2024Cyber threatsCybersecurityData BreachesFCCFederal Communications CommissionJuly 2024TracFone WirelessVerizon Communications
ADVERTISEMENT

Related Posts

Hackers Make 520K At Pwn2Own

Hackers Make 520K At Pwn2Own

October 22, 2025
Hackers Make 520K At Pwn2Own

Monolock Ransomware Sold Online

October 22, 2025
Hackers Make 520K At Pwn2Own

Meta Launches New Anti Scam Tools

October 22, 2025
Lumma Stealer Activity Declines

South Korea Targets Online Scam Suspects

October 21, 2025
Lumma Stealer Activity Declines

Myanmar Military Closes Cybercrime Hub

October 21, 2025
Lumma Stealer Activity Declines

Lumma Stealer Activity Declines

October 21, 2025

Latest Alerts

Copilot Flaw Exposes Sensitive Data

PolarEdge Expands Router Botnet

Google Finds New Russian Malware

BitLocker May Lock Your Data Silently

North Korea Hackers Use New JS Malware

WatchGuard Devices At Risk Of RCE

Subscribe to our newsletter

    Latest Incidents

    Union Cyberattack Raises Concerns

    Romanian Prisoner Hacks Prison IT

    Hackers Claim Data On NSA Officials

    Muji Stops Online Sales After Attack

    Major Telco Confirms Cyber Breach

    Russian Hackers Leak UK MoD Files

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial