AT&T has launched a new Account Lock feature designed to protect customers from SIM swapping attacks. The security tool, available through the myAT&T app, prevents unauthorized changes to customer accounts including phone number transfers, SIM card changes, billing information updates, device upgrades, and modifications to authorized users.

SIM swapping attacks occur when criminals obtain a victim's phone number through social engineering techniques, then intercept messages and calls to access two-factor authentication codes for sensitive accounts. The attacks have become increasingly common in recent years. AT&T began gradually rolling out Account Lock earlier this year, joining T-Mobile, Verizon, and Google Fi, which already offer similar fraud prevention features.

An anonymous reader shares a report: Sen. Ted Cruz (R-Texas) has a plan for spectrum auctions that could take frequencies away from Wi-Fi and reallocate them for the exclusive use of wireless carriers. The plan would benefit AT&T, which is based in Cruz's home state, along with Verizon and T-Mobile.

Cruz's proposal revives a years-old controversy over whether the entire 6 GHz band should be devoted to Wi-Fi, which can use the large spectrum band for faster speeds than networks that rely solely on the 2.4 and 5 GHz bands. Congress is on the verge of passing legislation that would require spectrum to be auctioned off for full-power, commercially licensed use, and the question is where that spectrum will come from.

When the House of Representatives passed its so-called "One Big Beautiful Bill," it excluded all of the frequencies between 5.925 and 7.125 gigahertz from the planned spectrum auctions. But Cruz's version of the budget reconciliation bill, which is moving quickly toward a final vote, removed the 6 GHz band's protection from spectrum auctions. The Cruz bill is also controversial because it would penalize states that regulate artificial intelligence.

Instead of excluding the 6 GHz band from auctions, Cruz's bill would instead exclude the 7.4-8.4 GHz band used by the military. Under conditions set by the bill, it could be hard for the Commerce Department and Federal Communications Commission to fulfill the Congressional mandate without taking some spectrum away from Wi-Fi.

Comcast is introducing new simplified, contract-free broadband plans that eliminate its unpopular 1.2TB data cap for residential customers. "The company began enforcing a data cap in 2008, when it set that limit at 250GB," notes PCMag. "Four years later, it raised that to 300GB, then lifted it to 1TB in 2016 and inched it up again to 1.25TB in 2020 after suspending it entirely during the early months of the pandemic." The report notes that existing customers will need to switch to these updated plans to benefit from the cap removal. PCMag reports: Steve Croney, Comcast's COO for connectivity and platforms, describes these new "everyday price plans" as "built on simplicity and transparency -- no hidden fees, no confusion." Comcast began showing the new plans on its sign-up pages Thursday morning. The monthly rates largely match those announced when Comcast advertised a rate-lock offer in April:

- 300Mbps downloads for $40 with a one-year lock or $55 with a five-year lock, then $70 a month
- 500Mbps for $55 with a one-year lock or $70 with a five-year lock, then $85
- 1Gbps for $70 with a one-year lock or $85 a month with a five-year lock, then $100
- 2Gbps for $100 with a one-year lock or $115 with a five-year lock, then $130

Upload speeds on those plans will vary by location but should start at 40Mbps. These plans also include one year of Xfinity Mobile wireless service, which combines Verizon's coverage with Comcast's Wi-Fi network.

T-Mobile announced Tuesday it will expand its fiber internet service to more than 500,000 households nationwide, offering three symmetrical speed tiers with five-year price locks starting June 5th. The plans range from 500 Mbps at $80 monthly to 2 Gbps at $110 monthly, with $5 autopay discounts for debit card payments. The expansion follows T-Mobile's joint venture with fiber provider Lumos and its pending Metronet acquisition, positioning the wireless carrier to reach 12 to 15 million households by 2030 as it challenges AT&T and Verizon's multibillion-dollar fiber investments.

Verizon is officially asking for a waiver of the FCC's phone unlocking requirements. From a report: "Given the substantial and growing harms to consumers, competition and Verizon from this obligation -- and the lack of offsetting benefits -- the commission should waive this rule," the operator wrote.

Verizon faces phone unlocking requirements stemming from its acquisition of 700MHz spectrum in 2008, and also from conditions the FCC placed on the operator's acquisition of prepaid provider TracFone in 2021. The requirements mean that when a customer buys a phone from Verizon it's locked to Verizon's network for 60 days, so that they can only use it with a Verizon SIM card. After 60 days, Verizon automatically unlocks the phone, allowing that customer to use their phone on another carrier's network.

Sen. Ron Wyden (D-Ore.) revealed in a new letter to Senate colleagues Wednesday that AT&T, Verizon and T-Mobile failed to create systems for notifying senators about government surveillance on Senate-issued devices -- despite a requirement to do so. From a report: Phone service providers are contractually obligated to inform senators when a law enforcement agency requests their records, thanks to protections enacted in 2020. But in an investigation, Wyden's staff found that none of the three major carriers had created a system to send those notifications.

"My staff discovered that, alarmingly, these crucial notifications were not happening, likely in violation of the carriers' contracts with the [Senate Sergeant at Arms], leaving the Senate vulnerable to surveillance," Wyden said in the letter, obtained first by POLITICO, dated May 21. Wyden said that the companies all started providing notification after his office's investigation. But one carrier told Wyden's office it had previously turned over Senate data to law enforcement without notifying lawmakers, according to the letter.

The Federal Communications Commission has approved Verizon's $9.6 billion acquisition of Frontier Communications, valuing the Dallas-based company at $20 billion including debt. The approval comes after Verizon agreed to scale back diversity initiatives to comply with Trump administration policies.

FCC Chairman Brendan Carr, who previously threatened to block mergers over DEI practices, praised the deal for its potential to "unleash billions in new infrastructure builds" and "accelerate the transition away from old, copper line networks to modern, high-speed ones." The acquisition positions America's largest phone carrier to expand its high-speed internet footprint across Frontier's 25-state network. Verizon plans to deploy fiber to more than one million U.S. homes annually following the transaction.

Charter Communications announced a $21.9 billion deal Friday to acquire Cox Communications, combining two major cable providers as they face mounting competition from wireless carriers offering 5G home internet. The transaction merges Charter's 31.4 million customers with Cox's 6.3 million, creating a larger entity to defend against aggressive expansion from Verizon and T-Mobile.

Charter lost 60,000 internet customers in the March quarter, underscoring the industry's vulnerability as traditional cable broadband growth stalls. Wireless carriers have successfully marketed their fixed wireless access services at lower price points while delivering competitive speeds, turning what was once cable's most profitable segment into contested territory. The combined company, which will be headquartered in Stamford, Connecticut, plans to adopt the Cox Communications name within a year of closing while retaining Spectrum as its consumer-facing brand.

An anonymous reader quotes a report from Ars Technica: Federal Communications Commission Chairman Brendan Carr has threatened to revoke EchoStar licenses for radio frequency bands coveted by rival firms including SpaceX, which alleges that EchoStar is underutilizing the spectrum. "I have directed agency staff to begin a review of EchoStar's compliance with its federal obligations to provide 5G service throughout the United States per the terms of its federal spectrum licenses," Carr wrote in a May 9 letter to EchoStar Chairman Charles Ergen. EchoStar and its affiliates "hold a large number of FCC spectrum licenses that cover a significant amount of spectrum," the letter said.

Ergen defended his company's wireless deployment but informed investors that EchoStar "cannot predict with any degree of certainty the outcome" of the FCC proceedings. The letter from Carr and Ergen's statement is included in a Securities and Exchange Commission filing submitted by EchoStar today. EchoStar's stock price was down about 8 percent in trading today. EchoStar bought Dish Network in December 2023 and offers wireless service under the Boost Mobile brand. As The Wall Street Journal notes, the firm "has spent years wiring thousands of cellphone towers to help Boost become a wireless operator that could rival AT&T, Verizon and T-Mobile, but the project has been slow-going. Boost's subscriber base has shrunk in the five years since Ergen bought the brand from Sprint." [...]

EchoStar will have to prove its case in the two FCC proceedings. The FCC set a May 27 deadline for the first round of comments in both proceedings and a June 6 deadline for reply comments. The proceedings could result in the FCC letting other companies use the spectrum and other remedies. "In particular, we seek information on whether EchoStar is utilizing the 2 GHz band for MSS consistent with the terms of its authorizations and the Commission's rules and policies governing the expectation of robust MSS," the FCC Space Bureau's call for comments said. "We also seek comment on steps the Commission might take to make more intensive use of the 2 GHz band, including but not limited to allowing new MSS entrants in the band." Last month, SpaceX urged the FCC to reallocate the spectrum, saying "the 2 GHz band remains ripe for sharing among next-generation satellite systems that seek to finally make productive use of the spectrum for consumers and first responders."

EchoStar countered that SpaceX's filing is "intended to cloak another land grab for even more free spectrum," and that its "methodology is completely nonsensical, given that EchoStar's terrestrial deployment is subject to population-based milestones that EchoStar has repeatedly demonstrated in status reports."

An anonymous reader quotes a report from Wired: Automakers are increasingly pushing consumers to accept monthly and annual fees to unlock preinstalled safety and performance features, from hands-free driving systems and heated seats to cameras that can automatically record accident situations. But the additional levels of internet connectivity this subscription model requires can increase drivers' exposure to government surveillance and the likelihood of being caught up in police investigations. A cache of more than two dozen police records recently reviewed by WIRED show US law enforcement agencies regularly trained on how to take advantage of "connected cars," with subscription-based features drastically increasing the amount of data that can be accessed during investigations. The records make clear that law enforcement's knowledge of the surveillance far exceeds that of the public and reveal how corporate policies and technologies -- not the law -- determine driver privacy.

"Each manufacturer has their whole protocol on how the operating system in the vehicle utilizes telematics, mobile Wi-Fi, et cetera," one law enforcement officer noted in a presentation prepared by the California State Highway Patrol (CHP) and reviewed by WIRED. The presentation, while undated, contains statistics on connected cars for the year 2024. "If the vehicle has an active subscription," they add, "it does create more data." The CHP presentation, obtained by government transparency nonprofit Property of the People via a public records request, trains police on how to acquire data based on a variety of hypothetical scenarios, each describing how vehicle data can be acquired based on the year, make, and model of a vehicle. The presentation acknowledges that access to data can ultimately be limited due to choices made by not only vehicle manufacturers but the internet service providers on which connected devices rely.

One document notes, for instance, that when a General Motors vehicle is equipped with an active OnStar subscription, it will transmit data -- revealing its location -- roughly twice as often as a Ford vehicle. Different ISPs appear to have not only different capabilities but policies when it comes to responding to government requests for information. Police may be able to rely on AT&T to help identify certain vehicles based on connected devices active in the car but lack the ability to do so when the device relies on a T-Mobile or Verizon network instead. [...] Nearly all subscription-based car features rely on devices that come preinstalled in a vehicle, with a cellular connection necessary only to enable the automaker's recurring-revenue scheme. The ability of car companies to charge users to activate some features is effectively the only reason the car's systems need to communicate with cell towers. The police documents note that companies often hook customers into adopting the services through free trial offers, and in some cases the devices are communicating with cell towers even when users decline to subscribe.

Verizon Consumer CEO Sowmyanarayan Sampath has declared that net neutrality regulations "went literally nowhere." Sampath claimed he couldn't identify what problem net neutrality was attempting to solve, despite Verizon's history of aggressive lobbying against such rules. "I don't know what net neutrality does," Sampath told The Verge. "I still don't know what problem we are trying to solve with net neutrality."

When pressed about potential anti-competitive behaviors like zero-rating services, Sampath deflected by focusing exclusively on traffic management concerns, arguing that networks require prioritization capabilities during congestion. "For traffic management purposes, we need to have some controls in the network," he stated. The interview comes as Verizon faces a different regulatory challenge from FCC Commissioner Brendan Carr, who is holding up Verizon's Frontier acquisition over the company's diversity initiatives.

"Gen Z is rediscovering Tumblr — a chaotic, cozy corner of the internet untouched by algorithmic gloss and influencer overload..." writes Fast Company, "embracing the platform as a refuge from an internet saturated with influencers and algorithm fatigue." Thanks to Gen Z, the site has found new life. As of 2025, Gen Z makes up 50% of Tumblr's active monthly users and accounts for 60% of new sign-ups, according to data shared with Business Insider's Amanda Hoover, who recently reported on the platform's resurgence. User numbers spiked in January during the near-ban of TikTok and jumped again last year when Brazil temporarily banned X. In response, Tumblr users launched dedicated communities to archive and share their favorite TikToks...

To keep up with the momentum, Tumblr introduced Reddit-style Communities in December, letting users connect over shared interests like photography and video games. In January, it debuted Tumblr TV — a TikTok-like feature that serves as both a GIF search engine and a short-form video platform. But perhaps Tumblr's greatest strength is that it isn't TikTok or Facebook. Currently the 10th most popular social platform in the U.S., according to analytics firm Similarweb, Tumblr is dwarfed by giants like Instagram and X. For its users, though, that's part of the appeal.
First launched in 2007, Tumblr peaked at over 100 million users in 2014, according to the article. Trends like Occupy Wall Street had been born on Tumblr, notes Business Insider, calling the blogging platform "Gen Z's safe space... as the rest of the social internet has become increasingly commodified, polarized, and dominated by lifestyle influencers." Tumblr was also "one of the most hyped startups in the world before fading into obsolescence — bought by Yahoo for $1.1 billion in 2013... then acquired by Verizon, and later offloaded for fractions of pennies on the dollar in a distressed sale.

"That same Tumblr, a relic of many millennials' formative years, has been having a moment among Gen Z..." "Gen Z has this romanticism of the early-2000s internet," says Amanda Brennan, an internet librarian who worked at Tumblr for seven years, leaving her role as head of content in 2021... Part of the reason young people are hanging out on old social platforms is that there's nowhere new to go. The tech industry is evolving at a slower pace than it was in the 2000s, and there's less room for disruption. Big Tech has a stranglehold on how we socialize. That leaves Gen Z to pick up the scraps left by the early online millennials and attempt to craft them into something relevant. They love Pinterest (founded in 2010) and Snapchat (2011), and they're trying out digital point-and-shoot cameras and flip phones for an early-2000s aesthetic — and learning the valuable lesson that sometimes we look better when blurrier.

More Gen Zers and millennials are signing up for Yahoo. Napster, surprising many people with its continued existence, just sold for $207 million. The trend is fueled by nostalgia for Y2K aesthetics and a longing for a time when people could make mistakes on the internet and move past them. The pandemic also brought more Gen Z users to Tumblr...

And Tumblr still works much like an older internet, where people have more control over what they see and rely less on algorithms. "You curate your own stuff; it takes a little bit of work to put everything in place, but when it's working, you see the content you want to see," Fjodor Everaerts, a 26-year-old in Belgium who has made some 250,000 posts since he joined Tumblr when he was 14... Under Automattic, Tumblr is finally in the home that serves it, [says Ari Levine, the head of brand partnerships at Tumblr]. "We've had ups and downs along the way, but we're in the most interesting position and place that we've been in 18 years," he says... And following media companies (including Business Insider) and social platforms like Reddit, Automattic in 2024 was making a deal with OpenAI and Midjourney to allow the systems to train on Tumblr posts.

"The social internet is fractured," the article argues. ("Millennials are running Reddit. Gen Xers and Baby Boomers have a home on Facebook. Bluesky, one of the new X alternatives, has a tangible elder-millennial/Gen X vibe. Gen Zers have created social apps like BeReal and the Myspace-inspired Noplace, but they've so far generated more hype than influence....")

But in a world where megaplatforms "flatten our online experiences and reward content that fits a mold," the article suggests, "smaller communities can enrich them."

After raising rates last June for customers on some of its older plans, T-Mobile is pushing up costs again -- but it's not entirely clear how many people are affected. From a report: According to a memo obtained by CNET and sent to T-Mobile employees early this morning, some people will see a $5 per-line increase beginning with their April or May bills.

The memo by Jon Freier, president of T-Mobile's consumer group, states that customers affected by the price hike should be notified by the end of today, March 13. Only those who receive a notice will see the rate increase.

Freier cites the "rising costs over the past several years" as the impetus behind the price push. Other carriers are facing the same headwinds, such as Verizon last December and this January, and AT&T last January and June.

AT&T and Verizon have successfully completed their first cellphone-to-satellite video calls using AST SpaceMobile's satellites, marking a significant step toward commercial satellite networks. The Verge reports: Verizon has completed its first cellphone-to-satellite video call, while AT&T has completed its first using satellites that will be used as part of a commercial network. [...] Verizon pulled off "a live video call between two mobile devices with one connected via satellite and the other connected via Verizon's terrestrial network connection," according to a company press release.

In AT&T's case, "AT&T and AST SpaceMobile have successfully completed another video call by satellite to an everyday smartphone over AT&T spectrum," per AT&T's press release. Both phone companies relied on AST's constellation of five BlueBird satellites that were launched last September for the tests. AT&T's initial video call test happened in June 2023.

Cameron John Wagenius pleaded guilty to hacking AT&T and Verizon and stealing a massive trove of phone records from the companies, according to court records filed on Wednesday. From a report: Wagenius, who was a U.S. Army soldier, pleaded guilty to two counts of "unlawful transfer of confidential phone records information" on an online forum and via an online communications platform.

According to a document filed by Wagenius' lawyer, he faces a maximum fine of $250,000 and prison time of up to 10 years for each of the two counts. Wagenius was arrested and indicted last year. In January, U.S. prosecutors confirmed that the charges brought against Wagenius were linked to the indictment of Connor Moucka and John Binns, two alleged hackers whom the U.S. government accused of several data breaches against cloud computing services company Snowflake, which were among the worst hacks of 2024.

Today T-Mobile announced what they're calling "the next big thing in wireless" — T-Mobile Starlink. But the real surprise is "The beta is now open for absolutely everyone — yes, even Verizon and AT&T customers — to register for free access until July."

And, as they explained to Americans watching the Super Bowl, "If you can see the sky you're connected." Now in public beta, this breakthrough service, developed in partnership with Starlink, uses straight-out-of-a-sci-fi-movie satellite and mobile communications technology to help keep people connected — even you, Verizon and AT&T customers — in the more than 500,000 square miles of the country unreached by any carrier's earth-bound cell towers. That's nearly the size of two Texases...! The beauty of the service is its simplicity: users don't need to do anything out of the ordinary. When a user's cell phone gets out of range of a cell tower, the phone automatically connects to the T-Mobile Starlink network. No need to manually connect. Messages are sent and received just as they are today on a traditional network, even group texts and reactions. And it works on most smartphones from the last four years. It's not limited to a few smartphones or operating systems...

The beta is free until July at which point T-Mobile Starlink will be included at no extra cost on Go5G Next (including variations like Go5G Next 55+), T-Mobile's best plan. Business customers will also get T-Mobile Starlink at no extra cost on Go5G Business Next, first responder agencies on T-Priority plans and other select premium rate plans. T-Mobile customers on any other plan can add the service for $15/month per line. Through February, T-Mobile customers who have registered for the beta can secure a $10/month per line Early Adopter Discount, 33% off the full price.

AT&T and Verizon customers hate dead zones, too

When your service is amazing and different, you want as many people to try it as possible. T-Mobile is giving AT&T and Verizon customers the opportunity to try out T-Mobile Starlink satellite service on their existing phones... During the beta period, Verizon and AT&T customers can experience T-Mobile Starlink text messaging for free, and once the service launches in July, it will be available for $20/month per line... More details and consumer registration can be found here.

A Vision for Universal Coverage

As T-Mobile and Starlink continue to work towards eliminating mobile deadzones, the companies welcome wireless providers from around the world to join their growing alliance, which aims to provide reciprocal roaming for all participating carriers. So far, KDDI (Japan), Telstra (Australia), Optus (Australia), One NZ (New Zealand), Salt (Switzerland), Entel (Chile & Peru), Rogers (Canada) and Kyivstar (Ukraine) are among the providers that have signed on to join the cause and launch satellite-to-mobile technology. Learn more about the alliance and how providers can join at direct.starlink.com.

An anonymous reader quotes a report from Ars Technica: The Department of Homeland Security has terminated all members of advisory committees, including one that has been investigating a major Chinese hack of large US telecom firms. "The Cyber Safety Review Board -- a Department of Homeland Security investigatory body stood up under a Biden-era cybersecurity executive order to probe major cybersecurity incidents -- has been cleared of non-government members as part of a DHS-wide push to cut costs under the Trump administration, according to three people familiar with the matter," NextGov/FCW reported yesterday.

A memo sent Monday by DHS Acting Secretary Benjamine Huffman said that in order to "eliminate[e] the misuse of resources and ensur[e] that DHS activities prioritize our national security, I am directing the termination of all current memberships on advisory committees within DHS, effective immediately. Future committee activities will be focused solely on advancing our critical mission to protect the homeland and support DHS's strategic priorities." The memo said advisory board members terminated this week "are welcome to reapply." The Cyber Safety Review Board's list of members included security experts from the private sector and lead cybersecurity officials from multiple government agencies. "The CSRB was 'less than halfway' done with its Salt Typhoon investigation, according to a now-former member," wrote freelance cybersecurity reporter Eric Geller, who quoted an anonymous source as saying the Cyber Safety Review Board's review of Salt Typhoon is "dead." The former member was also quoted as saying, "There are still professional staff for the CSRB and I hope they will continue some of the work in the interim."

The Cyber Safety Review Board operates under (PDF) the DHS's Cybersecurity and Infrastructure Security Agency (CISA), notes Ars. The review board previously investigated a 2023 hack of Microsoft Exchange Online and more recently has been investigating how the Chinese hacking group called Salt Typhoon infiltrated major telecom providers such as Verizon and AT&T.

In a potential U.S.-China conflict, cyberattackers are military weapons. That's the thrust of a new article from the Wall Street Journal: The message from President Biden's national security adviser was startling. Chinese hackers had gained the ability to shut down dozens of U.S. ports, power grids and other infrastructure targets at will, Jake Sullivan told telecommunications and technology executives at a secret meeting at the White House in the fall of 2023, according to people familiar with it. The attack could threaten lives, and the government needed the companies' help to root out the intruders.

What no one at the briefing knew, including Sullivan: China's hackers were already working their way deep inside U.S. telecom networks, too. The two massive hacking operations have upended the West's understanding of what Beijing wants, while revealing the astonishing skill level and stealth of its keyboard warriors — once seen as the cyber equivalent of noisy, drunken burglars. China's hackers were once thought to be interested chiefly in business secrets and huge sets of private consumer data. But the latest hacks make clear they are now soldiers on the front lines of potential geopolitical conflict between the U.S. and China, in which cyberwarfare tools are expected to be powerful weapons. U.S. computer networks are a "key battlefield in any future conflict" with China, said Brandon Wales, a former top U.S. cybersecurity official at the Department of Homeland Security, who closely tracked China's hacking operations against American infrastructure. He said prepositioning and intelligence collection by the hackers "are designed to ensure they prevail by keeping the U.S. from projecting power, and inducing chaos at home."

As China increasingly threatens Taiwan, working toward what Western intelligence officials see as a target of being ready to invade by 2027, the U.S. could be pulled into the fray as the island's most important backer... Top U.S. officials in both parties have warned that China is the greatest danger to American security.

In the infrastructure attacks, which began at least as early as 2019 and are still taking place, hackers connected to China's military embedded themselves in arenas that spies usually ignored, including a water utility in Hawaii, a port in Houston and an oil-and-gas processing facility. Investigators, both at the Federal Bureau of Investigation and in the private sector, found the hackers lurked, sometimes for years, periodically testing access. At a regional airport, investigators found the hackers had secured access, and then returned every six months to make sure they could still get in. Hackers spent at least nine months in the network of a water-treatment system, moving into an adjacent server to study the operations of the plant. At a utility in Los Angeles, the hackers searched for material about how the utility would respond in the event of an emergency or crisis. The precise location and other details of the infrastructure victims are closely guarded secrets, and couldn't be fully determined.

American security officials said they believe the infrastructure intrusions — carried out by a group dubbed Volt Typhoon — are at least in part aimed at disrupting Pacific military supply lines and otherwise impeding America's ability to respond to a future conflict with China, including over a potential invasion of Taiwan... The focus on Guam and West Coast targets suggested to many senior national-security officials across several Biden administration agencies that the hackers were focused on Taiwan, and doing everything they could to slow a U.S. response in a potential Chinese invasion, buying Beijing precious days to complete a takeover even before U.S. support could arrive.
The telecom breachers "were also able to swipe from Verizon and AT&T a list of individuals the U.S. government was surveilling in recent months under court order, which included suspected Chinese agents. The intruders used known software flaws that had been publicly warned about but hadn't been patched."

And ultimately nine U.S. telecoms were breached, according to America's deputy national security adviser for cybersecurity — including what appears to have been a preventable breach at AT&T (according to "one personal familiar with the matter"): [T]hey took control of a high-level network management account that wasn't protected by multifactor authentication, a basic safeguard. That granted them access to more than 100,000 routers from which they could further their attack — a serious lapse that may have allowed the hackers to copy traffic back to China and delete their own digital tracks.
The details of the various breaches are stunning: Chinese hackers gained a foothold in the digital underpinnings of one of America's largest ports in just 31 seconds. At the Port of Houston, an intruder acting like an engineer from one of the port's software vendors entered a server designed to let employees reset their passwords from home. The hackers managed to download an encrypted set of passwords from all the port's staff before the port recognized the threat and cut off the password server from its network...

An anonymous reader quotes a report from KrebsOnSecurity: Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by KrebsOnSecurity last month, the accused is a communications specialist who was recently stationed in South Korea. Cameron John Wagenius was arrested near the Army base in Fort Hood, Texas on Dec. 20, after being indicted on two criminal counts of unlawful transfer of confidential phone records. The sparse, two-page indictment (PDF) doesn't reference specific victims or hacking activity, nor does it include any personal details about the accused. But a conversation with Wagenius' mother -- Minnesota native Alicia Roen -- filled in the gaps.

Roen said that prior to her son's arrest he'd acknowledged being associated with Connor Riley Moucka, a.k.a. "Judische," a prolific cybercriminal from Canada who was arrested in late October for stealing data from and extorting dozens of companies that stored data at the cloud service Snowflake. In an interview with KrebsOnSecurity, Judische said he had no interest in selling the data he'd stolen from Snowflake customers and telecom providers, and that he preferred to outsource that to Kiberphant0m and others. Meanwhile, Kiberphant0m claimed in posts on Telegram that he was responsible for hacking into at least 15 telecommunications firms, including AT&T and Verizon. On November 26, KrebsOnSecurity published a story that followed a trail of clues left behind by Kiberphantom indicating he was a U.S. Army soldier stationed in South Korea.

[...] Immediately after news broke of Moucka's arrest, Kiberphant0m posted on the hacker community BreachForums what they claimed were the AT&T call logs for President-elect Donald J. Trump and for Vice President Kamala Harris. [...] On that same day, Kiberphant0m posted what they claimed was the "data schema" from the U.S. National Security Agency. On Nov. 5, Kiberphant0m offered call logs stolen from Verizon's push-to-talk (PTT) customers -- mainly U.S. government agencies and emergency first responders. On Nov. 9, Kiberphant0m posted a sales thread on BreachForums offering a "SIM-swapping" service targeting Verizon PTT customers. In a SIM-swap, fraudsters use credentials that are phished or stolen from mobile phone company employees to divert a target's phone calls and text messages to a device they control.

China-linked spies may still be lurking in U.S. telecommunications networks — but the breach could be much, much wider. In fact, a "couple dozen" countries were hit by the attack, the Wall Street Journal reported this week, citing a top U.S. national security adviser. "Chinese government hackers have compromised telecommunications infrastructure across the globe as part of a massive espionage campaign..." Speaking during a press briefing Wednesday, Anne Neuberger, President Biden's deputy national security adviser for cyber and emerging technology, said the so-called Salt Typhoon campaign is ongoing and that at least eight telecommunications firms in the U.S. had been breached... The Journal previously identified Verizon, AT&T, T-Mobile and Lumen Technologies among the victims... [M]etadata grabs appeared to be "regional" in focus, and were likely a means to identify phone lines of valuable senior government officials, which the hackers then targeted to steal encrypted text messages and listen in on some phone calls, the official said... President-elect Donald Trump, Vice President-elect JD Vance, senior congressional staffers and an array of U.S. security officials were among scores of individuals to have their calls and texts directly targeted, an intelligence-collection coup that likely ensnared their private communications with thousands of Americans, the Journal has reported.

The senior administration official said the global tally of countries victimized was currently believed to be in the "low, couple dozen" but didn't give a precise figure. The global campaign of hacking activity dates back at least a year or two, the official said.
"Neuberger, on the press briefing, said that it wasn't believed that classified communications were accessed in the breaches."