At a glance.
- FCC investigates T-Mobile hack.
- More on the JPMorgan Chase breach.
- Cyber break-in at Manchester social housing organization: data stolen.
- Protected information exposed at New Mexico hospitals?
FCC investigates T-Mobile hack.
The US Federal Communications Commission (FCC) is looking into T-Mobile’s data security practices following the breach disclosed this week, the Wall Street Journal reports. Cybersecurity litigation attorney Amy Keller wonders why the carrier was storing non-customers’ social security numbers, for instance.
President Biden has pledged stronger privacy and security enforcement and has not been shy with regulatory action. FCC cyber guidance is typically non-compulsory, however, and former FCC Chairman Tom Wheeler thinks it should stay that way, since laws lag behind industry developments and can clue in threat actors to vulnerabilities.
More on the JPMorgan Chase breach.
Infosecurity Magazine has an update on the JPMorgan Chase data breach that permitted app and website users to access others’ information. Names, transaction details, and account numbers and balances may have been exposed between May and July of this year. The incident was reported to Montana’s Attorney General in August, and apparently impacted seven clients in the state. Victims were gifted a year of credit monitoring and warned to watch for suspicious transactions. The financial firm said it discovered no signs of improper activity. Still no word on how the breach happened, or how exactly customers might have been able to view one another’s data.
Cyber break-in at Manchester social housing organization: data stolen.
Manchester Evening News says two partners of British social housing group ForViva suffered a ransomware attack in July, exposing “a small amount” of information. ForViva’s CEO indicated that tenant “data is safe,” but anti-virus company Emsisoft located ForViva data on the dark web earlier this month. An executive from one of the impacted organizations commented, “We have liaised with the relevant authorities, and are currently working closely with any of our partners who have been affected to allow them to be extra vigilant."
Protected information exposed at New Mexico hospitals?
A May breach of University of New Mexico (UNM) Health’s network server might have compromised 600 thousand-plus patients’ names, birth dates, social security numbers, home addresses, and medical records, according to HealthITSecurity. Affected patients are being notified by mail, and the lucky winners whose social security numbers may have been accessed are being offered an identity theft and credit monitoring package. The incident was discovered in June; letters started going out in August. The nature of the breach is unclear, aside from the fact that an “unauthorized third party gained access.” UNM Health announced it “has provided additional education to staff and is enhancing the security of its systems and the information it maintains.”