The U.S. Federal Communications Commission (FCC) has issued a strong reminder to mobile phone service providers of their obligations to protect consumers from cybercriminal hacks of their cellphone accounts.
Issued last month by the FCC’s Privacy and Data Protection Task Force, the Enforcement Advisory reminds service providers of the increased cyber threats facing cellphone users, including fraudulent SIM swapping that facilitates access to private consumer data. In addition to ensuring strong mechanisms to protect consumer information, FCC rules also require service providers to immediately notify customers of certain changes to their accounts, including passwords, back-up authentication methods, or address changes.
Carriers who fail to meet FCC rules regarding the protection of consumer information may be subject to monetary penalties and forfeiture, as well as additional reporting obligations and/or other administrative remedies.
Read the FCC’s Enforcement Advisory on service providers’ obligations to protect cellphone access.
