Let’s do a quick recap of some of this week’s cybersecurity news headlines before we dive into the weekend. Here’s what you might have missed this week:
Apple recently settled a class action lawsuit for $95 million after security concerns arose about Siri due to the program accidentally activating during conversations and showing Apple users ads for the products they mentioned when speaking.
Apple settled the lawsuit to avoid additional litigation and claims that they have never shared Siri recordings, mentioning that there are many privacy protections in place with Siri to minimize data collection.
(–Source: MacRumors
Read More: Apple Highlights Privacy Commitment After Settling Siri Spying Lawsuit – MacRumors )
Bank of America notified customers of a recent data breach related to an unauthorized third-party gaining access to a third-party’s software systems. This incident allowed the attackers to access the sensitive information of BofA loan customers, including names, addresses, government identification numbers, contact information, and loan numbers.
Bank of America has begun sending out data breach notification letters to affected customers.
(–Source: JD Supra
Read More: Bank of America Notifies Loan Customers of Data Breach Involving Unauthorized Access to Third-Party System | Console and Associates, P.C. – JDSupra )
In 2021, T-Mobile experienced a data breach that exposed sensitive data of over 79 million nationwide customers, one of the most significant of the many data breaches the company has faced throughout recent years.
A class-action lawsuit related to this incident was settled in 2022 for $350 million, but the state of Washington is not satisfied with this resolution, and has filed a consumer protection lawsuit, accusing the phone provider of failing to properly address cybersecurity vulnerabilities and protect customers.
(–Source: Android Authority
Read More: T-Mobile is being sued by Washington state over 2021 breach )
A new cybersecurity labelling program has been rolled out by The White House to include a Cyber Trust Mark on smart technology devices that have undergone a security compliance review, giving consumers the ability to assess how cybersecure these products are.
This rollout is being overseen by the US Federal Communications Commission in an effort to ensure that consumers feel more confident in their purchases of IoT devices such as security cameras, smart appliances, and baby monitors, and to encourage companies to have a stronger focus on the cybersecurity of their products.
(–Source: The Register on MSN
Read More: Look for the label: White House rolls out ‘Cyber Trust Mark’ for smart devices )
PowerSchool, a software used by many schools in New Hampshire, experienced a recent cybersecurity incident in which the personal information of students and teachers across the state was compromised.
PowerSchool became aware of the breach on December 28th, 2024, and has since taken necessary action. This incident is particularly dangerous, as student information can be held onto for years and used for identity and credit card theft. PowerSchool has sent out letters to affected school districts and will be providing identity and credit protection services to affected individuals, both adults and children.
(–Source: WMUR Manchester on MSN
Read More: Student, teacher data accessed in breach of software used in New Hampshire schools )