AT&T, Verizon Fail To Inform Customers About Major Salt Typhoon Hack
from the this-is-why-we-can't-have-nice-things dept
For the better part of the last thirty years, telecom giants and “free market” libertarian think tanks have told anybody who’d listen that gutting regulatory oversight of the U.S. wireless and broadband markets would result in near-Utopian outcomes across innovation and competition.
Instead, the reduction in both competition and real oversight resulted in regional telecom giants like AT&T and Comcast doubling down on all their worst behaviors. Americans now pay some of the highest prices in the world for spotty, sluggish broadband access and abysmal customer service.
But this mindless deregulatory mindset also harms public safety, national security, and consumer privacy. Case in point: the Congressional and regulatory failure to hold telecoms accountable for lax security and lax privacy standards keeps resulting in ugly hacking and privacy scandals that only seem to get worse.
Case in point, eight major U.S. telecoms were recently the victim of a massive intrusion by Chinese hackers who managed to spy on public U.S. officials. The “Salt Typhoon” hack was so severe, the intruders (as of last week) were still rooting around the ISP networks. AT&T and Verizon, two of the compromised companies, apparently didn’t think it was worth informing subscribers:
“The hacking campaign accessed the metadata of more than a million people, an industry source briefed on the matter said. The FBI has no plans to alert those victims, an agency official said last week, and two industry sources, one familiar with AT&T’s plans and one with Verizon’s, said those companies have not contacted most of them.”
FCC cybersecurity rules have always been pretty lax, thanks in part to industry lobbying and the self-serving quest for regulation zero. As Ars Technica notes, FCC rules only recently began to require that telecoms inform the lowly plebs — but not if the carriers pinky swear the risk of the intrusion is limited:
“A Federal Communications Commission order in December 2023 adopted a “harm-based notification trigger” in which “notification of a breach to consumers is not required in cases where a carrier can reasonably determine that no harm to customers is reasonably likely to occur as a result of the breach, or where the breach solely involves encrypted data and the carrier has definitive evidence that the encryption key was not also accessed, used, or disclosed.”
But these hacks are almost always worse than what’s originally reported. And you can’t really trust the companies, keen on downplaying their own incompetence, with being fully transparent about the full scope of the attack. Often they have no idea. If they can’t say with confidence they have kicked the Chinese hackers out of their networks, they can’t say with any confidence what data was impacted.
T-Mobile alone was hacked eight times in the last five years because the company and executives don’t face meaningful penalties (they were also distracted by the rubber stamping of the Sprint T-Mobile merger, which was approved by the first Trump administration despite clear competitive harm). The U.S. is simply too corrupt to pass even a baseline privacy law for the internet era.
Most of the press outlets covering the Salt Typhoon hack can’t be bothered to tether mindless deregulation to the active harm to consumer privacy and national security. Senator Ron Wyden was once again at the forefront of reminding folks last week that lax regulatory oversight directly contributed to this steady parade of scandals.
Instead of shoring up telecom privacy and security oversight, Trump 2.0 will take the opposite tack: dismantling what’s left of regulatory independence and consumer protection standards to please these same giant companies. Thanks to the Trumplican stacked 5th and 6th circuits and Supreme Court, telecoms are currently in multiple courts successfully arguing the FCC has no authority to do absolutely anything our biggest telecom corporations don’t like.
What could possibly go wrong?
Filed Under: broadband, consumers, deregulation, fcc, free market think tank, hack, privacy, salt typhoon, telecom
Companies: at&t, verizon
Comments on “AT&T, Verizon Fail To Inform Customers About Major Salt Typhoon Hack”
Ignorance is bliss, as the proverb says.
Ignorance is great, as telcos would say.
Re:
I wish. If the telcos were ignorant of our personal data and our metadata, there’d be little problem.
Re: Re: RE: "Ignorance is great, as telcos would say. I wish."
RE: “Ignorance is great, as telcos would say. I wish.”
Yeah exactly.
Ignorance of lies and deceptions (=most mainstream news and establishment decrees) is bliss because exposing yourself to that is self-propagandization.
Ignorance of truths is not, or only temporarily or rarely, bliss because it is ultimately self-defeating …. https://johnmichaeldemarco.com/15-reasons-why-ignorance-is-not-bliss
The FALSE mantra of “ignorance is bliss”, promoted in the latter sense, is a product of a fake sick culture that has indoctrinated its “dumbed down” (therefore TRULY ignorant, therefore easy to control) people with many such manipulative slogans. Eg…
““We’re all in this together” is a tribal maxim. Even there, it’s a con, because the tribal leaders use it to enforce loyalty and submission. … The unity of compliance.” — Jon Rappoport, Investigative Journalist
You can find the proof that ignorance is hardly ever bliss (and if so only superficial temporary fake bliss), and how you get to buy into this lie (and other self-defeating lies), in the article “The 2 Married Pink Elephants In The Historical Room –The Holocaustal Covid-19 Coronavirus Madness: A Sociological Perspective & Historical Assessment Of The Covid “Phenomenon”” … https://www.rolf-hefti.com/covid-19-coronavirus.html
“Separate what you know from what you THINK you know.” — Unknown
“If ignorance is bliss, why aren’t there more happy people?” — John Mitchinson
“Repeating what others say and think is not being awake. Humans have been sold many lies…God, Jesus, Democracy, Money, Education, etc. If you haven’t explored your beliefs about life, then you are not awake.” — E.J. Doyle, songwriter
This comment has been flagged by the community. Click here to show it.
Have you heard the good news? Jessie Singal has been banned from Bluesky!
Re:
Who’s Jessie Singal? I thought the guy’s name was Jesse.
Well, good thing Trump is coming to reduce regulations, which will certainly fix issues like this!
(/s, for those that haven’t had their coffee yet)
Maybe they figure they can just hold out another month and it’ll go away like magic.
If you dont tell me, I wont know, and can deny everything.
It would Really be wonderful IF’, what they found was the Backdoor system the Gov. uses to monitor Citizens.
Then comes the Big idea, of ‘What equipment?’ are they using, considering they Banned almost All external nations servers, except those made in the USA.
And any Future upgrades will be at a Cost 25-50% Higher. And I still think they have not updated the Fiber lines.