InfoSecBulletin Cybersecurity for mankind
Frontier Communications, a Texas-based telecom company, reported a cyberattack to the Securities and Exchange Commission. The company offers internet services in over 25 states and had $5.75 billion in revenues in 2023.
The company said it detected unauthorized access to its IT systems on April 14 and began instituting “containment measures” that included “shutting down certain of the Company’s systems.” The shutdowns caused operational disruption that the company said “could be considered material.”
WhatsApp banned on all US House of Representatives devices
Kaspersky found “SparkKitty” Malware on Google Play, Apple App Store
OWASP AI Testing Guide Launched to Uncover Vulns in AI Systems
Axentec Launches Bangladesh’s First Locally Hosted Tier-4 Cloud Platform
Hackers Bypass Gmail MFA With App-Specific Password Reuse
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
The company statement reads, On April 14, 2024, Frontier Communications Parent, Inc. (the “Company”) detected that a third party had gained unauthorized access to portions of its information technology environment. Upon detection, the Company initiated its previously established cyber incident response protocols and took measures to contain the incident. As part of this process, the containment measures, which included shutting down certain of the Company’s systems, resulted in an operational disruption that could be considered material. Based on the Company’s investigation, it has determined that the third party was likely a cybercrime group, which gained access to, among other information, personally identifiable information.
As of the date of this filing, the Company believes it has contained the incident and has restored its core information technology environment and is in the process of restoring normal business operations.
The Company continues to investigate the incident, has engaged cybersecurity experts, and has notified law enforcement authorities. The Company does not believe the incident is reasonably likely to materially impact the Company’s financial condition or results of operations.
On its website, Frontier says it is experiencing technical issues with its internal support systems and provided a phone number for those in need of assistance.
As of Thursday afternoon, no hacking group has claimed responsibility for the incident. Recently, many telecommunication companies have been targeted by cybercriminals and nation-states, who are conducting more frequent attacks on companies that possess large amounts of consumer data.
AT&T recently revealed a data breach that affected over 51 million people. The breach exposed customer information such as Social Security numbers, AT&T account numbers, and AT&T passcodes.
The Federal Communications Commission (FCC) updated its data breach rules in December. This is the first time in 16 years that the rules have been updated. The updates expand the regulations on how telecommunication companies report cybersecurity incidents.
FCC Chairwoman Jessica Rosenworcel argued that the rules the agency created more than 15 years ago are no longer compatible with a modern world where telecommunication carriers have access to a “treasure trove of data about who we are, where we have traveled, and who we have talked to.”
Source: UNITED STATES SECURITIES AND EXCHANGE COMMISSION WEBSITE & THE RECORD
