IT Security Stories to Watch: AT&T, FCC Settle on Data Breaches
AT&T (T) will pay $25 million to settle a U.S. Federal Communications Commission (FCC) privacy investigation after the telecommunications giant compromised nearly 280,000 U.S. customers’ personal information.
And as a result, AT&T tops this week’s list of IT security newsmakers, followed by the White House, HP (HPQ) and Auburn University.
What can managed service providers (MSPs) and their customers learn from these IT security newsmakers? Check out this week’s list of IT security stories to watch to find out:
1. AT&T settles with FCC over data breaches
The FCC completed its largest data security enforcement last week, reaching a $25 million settlement with AT&T due to recent data breaches that affected thousands of AT&T customers over the past few years.
FCC Enforcement Bureau officials said AT&T call center employees in Mexico, Colombia and the Philippines illegally accessed customer records that were provided to third parties.
Travis LeBlanc, chief of the FCC Enforcement Bureau, said the $25 million settlement could provide an example for other organizations about the importance of protecting consumer data at all times.
“Consumers trust that their phone company will zealously guard access to sensitive personal information in customer records,” LeBlanc said in a prepared statement. “[This] agreement shows the commission’s unwavering commitment to protect consumers’ privacy by ensuring that phone companies properly secure customer data, promptly notify customers when their personal data has been breached and put in place robust internal processes to prevent against future breaches.”
2. Hackers access President Obama’s schedule
CNN reported that hackers had access to sensitive information such as real-time non-public details of President Barack Obama’s schedule as a result of October’s White House data breach. White House officials said they initially noticed suspicious activity in the unclassified network that serves the executive office of the president.
Investigators discovered markers that they believe point to hackers working for the Russian government. In addition, investigators noted that the White House intrusion likely began with a phishing email that was launched using a U.S. State Department email account that the hackers had taken over.
“In this case, as we made clear at the time, we took immediate measures to evaluate and mitigate the activity,” National Security Council spokesperson Mark Stroh said. “Any such activity is something we take very seriously.
3. HP: Organizations should focus on cybersecurity training
Art Gilliland, senior vice president and general manager for HP’s software enterprise security products, is recommending that organizations focus on training their employees and improving their internal processes to mitigate cybersecurity issues.
Gilliland told CIO.com that there’s no “silver bullet” product to eliminate cybersecurity problems. However, he also pointed out that cybersecurity tutorials can help organizations identify such issues, and ultimately, find ways to eliminate them.
“The first thing that always gets negotiated out of every [security software] contract is the training and the services,” he added.
4. Auburn University leaks students’ personal information
The personal information of more than 364,000 current, former and prospective Auburn University students was compromised, according to AL.com.
University officials said that some information stored on one of the university’s servers accidentally became accessible online.
The university currently is investigating the incident and noted that there is no evidence that student information was misused thus far.
What do you think will be the biggest IT security stories for MSPs this week? Share your thoughts in the Comments section below, via Twitter @dkobialka or email me at dan.kobialka@penton.com.
