Kimberly Redmond | |

The hacker who broke into T-Mobile US Inc’s (Nasdaq: TMUS) servers and stole personal data of more than 50 million former, current and prospective customers told The Wall Street Journal that the wireless carrier’s “awful” security made the breach easy to do.

John Binns, the 21-year-old American who took responsibility for the high-profile hack that was disclosed last week by the company, reportedly used an unprotected router as an entry point to breach T-Mobile’s data center near East Wenatchee, Washington.

Reuters | |

The U.S. government on Wednesday said it would work with industry to hammer out new guidelines to improve the security of the technology supply chain, as President Joe Biden appealed to private sector executives to "raise the bar on cybersecurity."

At White House meetings with Biden and members of his Cabinet, executives from Big Tech, the finance industry and infrastructure companies said they would do more about the growing threat of cyber attacks to the U.S. economy.

Kimberly Redmond | |

T-Mobile confirmed on Monday it is investigating the extent of a data breach that hackers claim exposed personal information of more than 100 million of the mobile carrier’s customers. Vice first reported about the hack on Sunday after a post was made in an online forum that claimed to be selling the personal data of more than 100 million T-Mobile customers.

Kimberly Redmond | |

The US Department of Homeland Security (DHS) announced Tuesday that owners and operators of “critical pipelines” that transport hazardous liquids and natural gas will be required to implement “urgently needed protections against cyber intrusions.”

The new security directive follows a May ransomware attack on Colonial Pipeline Co that disrupted gas delivery across the East Coast and aims to limit the chances of similar hacks in the future.

AP News | |

The Biden administration and Western allies formally blamed China on Monday for a massive hack of Microsoft Exchange email server software and asserted that criminal hackers associated with the Chinese government have carried out ransomware and other illicit cyber operations.

The announcements, though not accompanied by sanctions against the Chinese government, were intended as a forceful condemnation of activities a senior Biden administration official described as part of a “pattern of irresponsible behavior in cyberspace.” They highlighted the ongoing threat from Chinese hackers even as the administration remains consumed with trying to curb ransomware attacks from Russia-based syndicates that have targeted critical infrastructure.

Reuters | |

Microsoft said Thursday it has blocked tools developed by an Israeli hacker-for-hire company that were used to spy on more than 100 people around the world, including politicians, human rights activists, journalists, academics and political dissidents.

Microsoft issued a software update and worked with the Citizen Lab at the University of Toronto to investigate the secretive Israeli company behind the hacking efforts. Citizen Lab said the company goes by several names including Candiru, which according to legend is a parasitic fish found in the Amazon that attacks human private parts.

Kimberly Redmond | |

Americans lost a record $4.2 billion in 2020 after falling victim to online scams, almost half the total loss of $7.6 billion over the previous three years, a newly-published report shows.

Released Thursday, identity verification service Social Catfish’s first-ever “State of Internet Scams” study said the dramatic spike could be attributed to increased online activity as more people shopped, worked and learned from home during the COVID-19 pandemic.

Reuters | |

Financial firms may need to bolster their defenses in the face of rocketing cyber attacks after employees began working from home, the Financial Stability Board (FSB) said on Tuesday.

The FSB, which coordinates financial rules for the G20 group of nations, said remote working since economies went into lockdown to fight COVID-19 opened up new possibilities for cyber attacks. Working from home (WFH) is expected to stay in some form across the financial services industry and beyond.

Kimberly Redmond | |

The economic fallout from a significant cyberattack in the US could be worse than the damages caused by a major natural disaster, according to a newly-released study.

Published Monday by the Foundation for Defense of Democracies (FDD) and insurance technology firm Intangic, the report found that the indirect effects of a breach, which include damage to a company’s reputation and its ability to attract investors and creditors, are more costly in the long term than the effects of property damage from extreme weather events.