AT&T has agreed a $13m settlement with the FCC over a January 2023 third-party breach that exposed 8.9 million customers’ data. The company has committed to strengthening data and supply chain security. Among the failings, the telecom company did not confirm that vendor data was correctly protected. This exposed data stayed in the vendor’s cloud for several years and was eventually leaked. AT&T confirmed that data didn’t include credit card details, Social Security numbers, or passwords.

The NHS needs to tighten its third-party supplier cybersecurity
The NHS should proactively fortify cybersecurity within its third-party software suppliers following recent damaging ransomware attacks, says Jonathan Lee from Trend Micro. He suggests implementing