Dark Reading Staff, Dark Reading
September 18, 2024
My personal opinion all software providers should be held liable, the claim to hide behind EULA’s
Couple come to mind: Crowd Strike, Microsoft, Cloud Flare, FaceBook, Most RMM Systems (https://cloudstatus.mspportalpartners.net/)
The Federal Communications Commission fined AT&T $13 million and ordered it to tighten up its privacy and security practices in the wake of a catastrophic third-party compromise.
The commission also used its authority under the Communications Act of 1934 to extend consumer protections to the cloud, finding AT&T failed to maintain proper oversight of a third-party provider.
That vendor, data warehousing provider Snowflake, reportedly was compromised in January 2023, exposing a host of organizations’ sensitive data, among them AT&T’s. In the weeks that followed the breach, AT&T acknowledged “nearly all” its customers were affected by exfiltrated call and text records, phone numbers, and other personally identifiable information.
Following an investigation, the FCC ruled on Sept. 16 that Snowflake should have been required to “destroy or return” the information years prior to the incident, and finding AT&T responsible for failing to appropriately protect its customer data.
ArticleATT Fined 13 million (https://www.darkreading.com/cybersecurity-operations/fcc-att-did-not-protect-cloud-data?_mc=NL_DR_EDT_DR_weekly_20240919&cid=NL_DR_EDT_DR_weekly_20240919&sp_aid=125812&elq_cid=34964379&sp_eh=949bacdba1e2c4851acc11df0ff47140b1c6468716621bc723fe5fe498198bd9&sp_eh=949bacdba1e2c4851acc11df0ff47140b1c6468716621bc723fe5fe498198bd9&sp_cid=55121)
Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda, Phishing Simulation & Cyber Security Training
“Where Service and Technical Skills Count”