Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Telecom. Show all posts
Telecom
AI Apple Data Google Internet Location Privacy Samsung Telecom

Indian Government Proposes Compulsory Location Tracking in Smartphones, Faces Backlash


Government faces backlash over location-tracking proposal

The Indian government is pushing a telecom industry proposal that will compel smartphone companies to allow satellite location tracking that will be activated 24x7 for surveillance. 

Tech giants Samsung, Google, and Apple have opposed this move due to privacy concerns. Privacy debates have stirred in India after the government was forced to repeal an order that mandated smartphone companies to pre-install a state run cyber safety application on all devices. Activists and opposition raised concerns about possible spying. 

About the proposal 

Recently, the government had been concerned that agencies didn't get accurate locations when legal requests were sent to telecom companies during investigations. Currently, the firm only uses cellular tower data that provides estimated area location, this can be sometimes inaccurate.

The Cellular Operators Association of India (COAI) representing Bharti Airtel and Reliance Jio suggested accurate user locations be provided if the government mandates smartphone firms to turn on A-GPS technology which uses cellular data and satellite signals.

Strong opposition from tech giants 

If this is implemented, location services will be activated in smartphones with no disable option. Samsung, Google, and Apple strongly oppose this proposal. A proposal to track user location is not present anywhere else in the world, according to lobbying group India Cellular & Electronics Association (ICEA), representing Google and Apple. 

Reuters reached out to the India's IT and home ministries for clarity on the telecom industry's proposal but have received no replies. According to digital forensics expert Junade Ali, the "proposal would see phones operate as a dedicated surveillance device." 

According to technology experts, utilizing A-GPS technology, which is normally only activated when specific apps are operating or emergency calls are being made, might give authorities location data accurate enough to follow a person to within a meter.  

Telecom vs government 

Globally, governments are constantly looking for new ways to improve in tracking the movements or data of mobile users. All Russian mobile phones are mandated to have a state-sponsored communications app installed. With 735 million smartphones as of mid-2025, India is the second-largest mobile market in the world. 

According to Counterpoint Research, more than 95% of these gadgets are running Google's Android operating system, while the remaining phones are running Apple's iOS. 

Apple and Google cautioned that their user base will include members of the armed forces, judges, business executives, and journalists, and that the proposed location tracking would jeopardize their security because they store sensitive data.

According to the telecom industry, even the outdated method of location tracking is becoming troublesome because smartphone manufacturers notify users via pop-up messages that their "carrier is trying to access your location."



Read more »
Verizon
AT&T Cyber Security Lawsuit Telecom Verizon

AT&T Wins Legal Challenge While Verizon Faces Privacy Penalties

 

Major U.S. wireless carriers have faced contrasting legal outcomes in their battles against Federal Communications Commission fines for selling customer location data without consent, creating an uncertain landscape for consumer privacy protection .

Background on data selling practices

In 2018, investigations revealed that major telecommunications providers were selling customers' real-time location data to third-party brokers without proper notification or consent. This practice involved carriers selling access to sensitive geolocation information to aggregators, who then resold the data to other companies, creating a gray market for cell phone location data. The exposed data allowed buyers, including law enforcement and bounty hunters, to track individuals' movements without their knowledge.

FCC enforcement actions 

The Federal Communications Commission responded in April 2024 by imposing nearly $200 million in total fines across the industry. AT&T received a $57 million penalty, Verizon faced a $46.9 million fine, T-Mobile was fined over $80 million, and Sprint received more than $12 million . The FCC determined that carriers violated Section 222 of the Communications Act, which requires maintaining customer information confidentiality and obtaining express consent before sharing location data.

Court battle results

All three major carriers challenged their fines in different federal appeals courts, producing divergent outcomes . The Second Circuit Court of Appeals upheld Verizon's $46.9 million fine, rejecting the company's argument that device location data doesn't qualify as protected "customer proprietary network information". The court ruled that location data clearly meets the law's criteria for protection since it's accessible to carriers exclusively due to the customer relationship.

Meanwhile, Verizon had attempted to shift responsibility by largely outsourcing consent verification to third parties through contractual agreements, which the court found inadequate. The carrier's location data was improperly accessed by companies like Securus Technologies, which allowed law enforcement to obtain customer information without proper authorization.

AT&T's legal victory

In contrast to Verizon's defeat, AT&T successfully overturned its fine in a business-friendly appeals court, though specific details of this ruling were not elaborated in available sources. This creates a significant legal inconsistency regarding how telecommunications privacy violations are enforced across different jurisdictions.

The conflicting appellate court decisions may force Supreme Court intervention to resolve the legal uncertainty. This potential review could significantly limit the FCC's authority to penalize companies for privacy violations, potentially weakening federal oversight of telecommunications data practices.

Current settlement landscape

Despite the legal victories and defeats, AT&T simultaneously faces a separate $177 million class-action settlement related to two major data breaches in 2024. The company agreed to pay customers up to $7,500 each for documented losses from breaches that exposed Social Security numbers, addresses, passwords, and other sensitive information. 

This settlement demonstrates ongoing vulnerabilities in telecommunications data security beyond the location-selling controversies.The contrasting legal outcomes highlight the fragmented state of privacy protection enforcement, where identical violations can result in different consequences depending on which court reviews the case.
Read more »
Telecom
Banking Cyber Fraud Ghaziabad OTP phishing Telecom

Ghaziabad eSIM Fraud: Woman Loses ₹18.5 Lakh in Sophisticated SIM Swap Scam

 

A 54-year-old resident of Shipra Suncity, Indirapuram, Ghaziabad, fell victim to a sophisticated eSIM fraud that resulted in the loss of ₹18.48 lakh from her bank accounts. Arti Kaul was targeted by cybercriminals who posed as Airtel customer service representatives to execute an elaborate SIM swap scam. 

Fraudulent call 

On August 29, 2025, at approximately 1:00 PM, Kaul received a phone call from fraudsters claiming to be Airtel representatives. The callers convinced her that she needed to upgrade her SIM card from 4G to 5G as per company policy, presenting the upgrade as mandatory. Unaware of the deceptive nature of the call, Kaul stayed on the line with the fraudsters throughout the process.

Technical manipulation

At 1:10 PM, Kaul received an SMS from Airtel containing an OTP for eSIM card activation. Following this, she received a long numerical message on WhatsApp, along with subsequent SIM card update-related messages and additional calls from both the fraudsters and legitimate Airtel representatives. The victim shared the OTP with the callers, inadvertently giving them access to activate an eSIM on their own device, effectively hijacking her phone number. 

Once the fraudsters gained control of Kaul's phone number through the eSIM activation, they systematically drained her bank accounts. The theft occurred through more than 50 separate transactions between August 31 and September 1, 2025, targeting both her Axis Bank and HDFC Bank accounts. The total amount stolen reached ₹18.48 lakh. 

Discovery and legal action

Kaul discovered the fraud when her SIM card became inactive and she stopped receiving messages. Upon visiting her banks, employees informed her about the unauthorized transactions that had occurred over the previous days. She subsequently filed a complaint with the cyber crime police station, and an investigation has been launched.

This incident highlights the growing threat of eSIM-based fraud in India, where criminals exploit the convenience of digital SIM technology to rapidly hijack mobile numbers and access victims' financial accounts through intercepted OTPs. 

Safety tips 

Never share OTPs or activation codes: Avoid sharing one-time passwords (OTPs), eSIM activation codes, or QR codes with anyone, even if they claim to be from your telecom provider. No legitimate company will request these details over phone or SMS. 

Use only official channels: Always request eSIM conversions or upgrades directly through official carrier apps, websites, or physical stores. Do not click on unknown links, and never proceed with eSIM activation from unsolicited messages or calls . 

Act fast on signal loss: If your phone unexpectedly loses network signal or displays “No Service,” immediately report the issue to your mobile operator and notify your bank. This could indicate that your number has been hijacked.

Stay alert for phishing attempts: Be wary of calls, emails, or texts asking for personal, banking, or SIM-related information. Always verify the identity of the sender by reaching out through the provider’s verified customer care number. 

Monitor account activity: Regularly review bank and mobile account activity for unauthorized transactions or account changes. Set up alerts where available for any transaction or SIM change activity.

Following these safety steps drastically reduces the risk of eSIM-based fraud and helps in swift detection of account compromise.
Read more »
TPG
Australia Bank Credentials Breaches Dara Breach phishing Sensitive data Telecom TPG

Aussie Telecom Breach Raises Alarm Over Customer Data Safety

 




A recent cyberattack on TPG Telecom has reignited concerns about how safe personal information really is in the hands of major companies. What the provider initially downplayed as a “limited” incident has in fact left hundreds of thousands of customers vulnerable to online scams.

The intrusion was uncovered on August 16, when unusual activity was detected in the systems of iiNet, one of TPG’s subsidiary brands. Hackers were able to get inside by misusing stolen employee logins, which granted access to iiNet’s order management platform. This internal tool is mainly used to handle service requests, but it contained far more sensitive data than many would expect.


Investigators now estimate that the attackers walked away with:

• Roughly 280,000 email addresses linked to iiNet accounts

• Close to 20,000 landline phone numbers

• Around 10,000 customer names, addresses, and contact details

• About 1,700 modem setup credentials


Although no banking details or government ID documents were exposed, cybersecurity experts caution that this type of information is highly valuable for criminals. Email addresses and phone numbers can be exploited to craft convincing phishing campaigns, while stolen modem passwords could give attackers the chance to install malware or hijack internet connections.

TPG has apologised for the breach and is reaching out directly to customers whose details were involved. Those not affected are also being notified for reassurance. So far, there have been no confirmed reports of the stolen records being used maliciously.

Even so, the risks are far from minor. Phishing messages that appear to come from trusted sources can lead victims to unknowingly share bank credentials, install harmful software, or hand over personal details that enable identity theft. As a result, affected customers are being urged to remain alert, treat incoming emails with suspicion, and update passwords wherever possible, especially on home modems.

The company has said it is cooperating with regulators and tightening its security protocols. But the case underlines a growing reality: personal data does not need to include credit card numbers to become a target. Seemingly routine details, when collected in bulk, can still provide criminals with the tools they need to run scams.

As cyberattacks grow more frequent, customers are left with the burden of vigilance, while companies face rising pressure to prove that “limited” breaches do not translate into large-scale risks.



Read more »
Telecom
China Cyber Security Hackers Telecom

China Launches Advanced Quantum Security Network Said to Be “Unhackable”

 


A major Chinese telecom company has launched what it claims is the first commercial security system that can protect digital communication from even the most powerful future hackers — including those using quantum computers.

China Telecom Quantum, a state-owned firm, recently introduced a new kind of encryption system that combines two advanced technologies to create strong protection for data, phone calls, and user identity. This system was successfully used to make a secure phone call between Beijing and Hefei  a distance of more than 1,000 kilometers — without risking any data leaks or breaches.


The Problem: Quantum Computers Could Break Today’s Encryption

As quantum computing continues to develop, it is expected to pose a serious threat to current cybersecurity systems. These new types of computers are extremely fast and powerful, and experts believe they could one day crack the encryption used to protect sensitive information like passwords, bank data, and government records.

To stay ahead of these threats, China Telecom has built a new system that combines:

1. A quantum-based method that sends encryption keys using the principles of quantum physics, making them nearly impossible to steal or intercept.

2. A mathematics-based method that protects data using very difficult equations that even quantum computers would find hard to solve.


This two-layer approach forms a highly secure framework to protect digital communication.


Tested in Real Conditions and Ready to Use

China Telecom says the system has been tested successfully and is ready to be used on a large scale. The company has already created secure quantum networks in 16 cities, including Beijing, Shanghai, Guangzhou, and Hefei.

These networks now make up a nationwide secure communication system. Among them, Hefei’s network is the largest and most advanced in the world, with eight main hubs and over 150 connection points spread across 1,147 kilometers. It is already being used by around 500 government departments and nearly 400 publicly owned companies.


Extra Tools for Safe Messaging and Document Management

The company has also introduced two new secure tools:

• Quantum Secret — a messaging and teamwork app designed to keep communication safe from even advanced hackers.

• Quantum Cloud Seal — a platform made for secure digital approvals, auditing, and managing documents for businesses and government offices.

Both tools are already being used across different industries in China.

With this launch, China has taken a major step toward building a future-ready cybersecurity system — one that can stay strong even as quantum computing technology continues to grow.

Read more »
Telecom
Cyber Security Cybersecurity Infrastructure Security SIM surveillance Telecom

Government Plans SIM Card Replacement Amid Security Concerns Over Chinese-Made Chipsets

 

The Indian government is actively assessing the feasibility of a nationwide SIM card replacement program as part of broader efforts to enhance digital and telecom security. Authorities are currently evaluating the scale of the issue and may soon introduce detailed guidelines on the rollout. The move, if executed, could impact millions of mobile users still operating with SIM cards issued years ago.

The initiative is part of a larger investigation led by the National Cyber Security Coordinator (NCSC), following concerns about the security risks posed by chipsets embedded in SIM cards reportedly sourced from Chinese vendors. According to a report by Mint, the Ministry of Home Affairs has raised red flags over the potential misuse of personal information due to these chipsets.

“The investigation is being done collectively under NCSC involving DoT, MHA, and other stakeholders to identify the entry of such chips in the market and the extent of SIM cards with chips of Chinese origin. It seems even telecos were not aware of the procurement by their vendors,” the Mint reported, citing official sources.

As part of this investigation, the government is exploring technological and legal hurdles that may arise if the replacement plan is greenlit. Key telecom operators, including Vodafone Idea, Bharti Airtel, and Reliance Jio, have reportedly been consulted to discuss possible security loopholes that may surface during the swap process.

In addition to SIM replacement, authorities are also looking to tighten import controls on telecom equipment. Only suppliers from vetted, reliable sources may be allowed to contribute to India's telecom infrastructure moving forward.

Legal Framework Supporting the Move
The Telecommunications Act of 2023 provides the government with the authority to restrict, suspend, or ban telecom equipment or services if they are found to pose a threat to national security.

“Procurement of telecommunication equipment and telecommunication services only from trusted sources,” Section 21 of the Telecom Act, 2023 states.

Before this legislation, the Department of Telecommunications (DoT) had already implemented licensing rules that factored in defence and national security considerations when sourcing telecom hardware. Under these rules, telecom service providers are permitted to buy only from "trusted sources" and must seek prior approval from the National Cyber Security Coordinator.
Read more »
Telecom
Beeline Cyber Attacks DDOS Attacks Internet Russia Telecom

Russian Telecom Company "Beeline" Hit, Users Face Internet Outage

Russian Telecom Company "Beeline" Hit, Users Face Internet Outage

Internet outage in, telecom provider attacked

Users in Russia faced an internet outage in a targeted DDoS attack on Russian telecom company Beeline. This is the second major attack on the Moscow-based company in recent weeks; the provider has over 44 million subscribers.

After several user complaints and reports from outage-tracking services, Beeline confirmed the attack to local media.

According to Record Media, internet monitoring service Downdetector’s data suggests “most Beeline users in Russia faced difficulties accessing the company’s mobile app, while some also reported website outages, notification failures and internet disruptions.” 

Impact on Beeline

Beeline informed about the attack on its Telegram channel, stressing that the hacker did not gain unauthorized access to consumer data. Currently, the internet provider is restoring all impacted systems and improving its cybersecurity policies to avoid future attacks. Mobile services are active, but users have cited issues using a few online services and account management features.

Rise of threat in Russia

The targeted attack on Beeline is part of a wider trend of cyberattacks in Russia; in September 2024, VTB, Russia’s second-largest bank, faced similar issues due to an attack on its infrastructure. 

These attacks highlight the rising threats posed by cyberattacks cherry-picking critical infrastructures in Russia and worldwide.

Experts have been warning about the rise in intensity and advanced techniques of such cyberattacks, damaging not only critical businesses but also essential industries that support millions of Russian citizens. 

Telecom companies in Russia targeted

How Beeline responds to the attack and recovers will be closely observed by both the telecom industry and regulators. The Beeline incident is similar to the attack on Russian telecom giant Megafon, another large-scale DDoS attack happened earlier this year. 

According to a cybersecurity source reported by Forbes Russia, the Beeline attack in February and the Megafon incident in January are the top hacktivist cyberattacks aiming at telecom sectors in 2025. 

According to the conversation with Forbes, the source said, “Both attacks were multi-vector and large-scale. The volume of malicious traffic was identical, but MegaFon faced an attack from 3,300 IP addresses, while Beeline was targeted via 1,600, resulting in a higher load per IP address.”

Read more »
TRAI
COAI Cybeattacks Cyber Crime cyber threat CyberCrime Cyberhackers Cyberscam Cybersecurity TCCCPR Telecom TRAI

TRAI Enforces Stricter Regulations to Combat Telemarketing Spam Calls

 


There has been a significant shift in the Telecom Regulatory Authority of India (TRAI)'s efforts to curb spam calls and unsolicited commercial communications (UCC) as part of its effort to improve consumer protection, as TRAI has introduced stringent regulations. These amendments will take effect on February 12, 2025, and prohibit the use of 10-digit mobile numbers for telemarketing purposes, addressing the growing concern that mobile users have with fraudulent and intrusive messages.

To ensure greater transparency in telemarketing practices, the Telecom Regulatory Authority of India (TRAI) has enforced several measures that aim to ensure communication integrity while increasing the intelligence of telemarketers. A comprehensive consultation process was undertaken by the Telecom Regulatory Authority of India (TRAI), which involved a comprehensive stakeholder consultation process for the approval of changes to the Telecom Commercial Communications Customer Preference Regulations (TCCCPR), 2018, as a result of which significant changes have been made. This revision is intended to protect consumers against unsolicited commercial communications (UCCs) as well as to enhance compliance requirements for the providers of telecom services. 

Cellular Operators Association of India (COAI,) however, has expressed its concern over the updated regulation, especially about the penalties imposed on service providers as a result of it. The second amendment to the TCCCPR allows consumers to lodge complaints up to seven days after receiving the call or message, allowing them greater flexibility in reporting spam calls and messages for the second amendment. Furthermore, because of the new regulations, individuals are now able to lodge complaints without the need to first register their preferences for communication. 

Additionally, telecom operators are required to respond to complaints within five business days, a substantial reduction from the previous deadline of 30 days. A new set of stricter enforcement measures imposed by the law mandates that senders who receive five complaints within ten days must be held accountable for the complaint. To further safeguard consumer interests, telecom service providers will now be required to provide users with the option of opting out of all promotional emails. 

TRAI has also mandated a standard messaging format, which requires message headers to contain specific codes that indicate that they are promotional, service-related, transactional, or government-related. This structured labelling system aims to enhance transparency and help users distinguish between different types of communication by adding a structured llabellingsystem to their communication systems. 

As a part of the regulatory framework implemented by the Telecom Regulatory Authority of India (TRAI) to improve transparency and curb unsolicited commercial communications (UCCs), 10-digit mobile numbers will no longer be allowed to be used for commercial purposes. A telemarketer is required to use a series of designated numbers for promotional and service calls, ensuring that the two are clearly distinguished.

It is expected that the existing ‘140’ series will remain available for promotional purposes while the newly launched ‘1600’ series will be used for transactional and service-related communications. TRAI has also removed the requirement for the consumer to pre-register their communication preferences in advance of lodging a complaint against spam messages and unwanted phone calls from unregistered senders as part of its anti-spam practices.

In addition to simplifying the complaint process, TRAI has also expanded the reporting period from three days to seven days to improve user convenience in reporting violations, providing consumers with more flexibility in reporting complaints with essential details. To further strengthen consumer protection, TRAI has extended the complaint reporting window from three days to seven days, thus creating an environment of greater flexibility for users. 

There has been a significant reduction in the timeframe for telecom operators to respond to UCC complaints, which was previously 30 days, down to five days now. Further, the threshold for penalizing senders has been lowered as well, with only five complaints within ten days instead of the earlier benchmark of ten complaints within seven days, requiring penalties to be imposed. To improve accessibility and foster consumer engagement, the government is now requiring that mobile applications and official websites of telecom service providers prominently display complaint registration options as a means of promoting consumer engagement. 

Several regulatory initiatives have been taken to improve the accountability, transparency, and consumer-friendly nature of the telecommunications sector while also making sure the anti-spam directives are strictly followed. A stringent series of measures has been introduced by the Telecom Regulatory Authority of India (TRAI) to counter the rising threat of spam calls and to prevent malicious entities from misusing SMS headers and content templates to forward fraudulent or deceptive messages to subscribers. 

Several initiatives are being implemented by the TRAI that will ensure that consumer interests are protected and a safer and more transparent messaging environment is established. To ensure compliance with telemarketing regulations, TRAI has mandated strict penalties for entities making unauthorized promotional calls that violate telemarketing regulations. A violation of these terms can result in severe consequences such as the disconnection of all telecommunications resources for a period of up to two years, a blacklisting for up to two years, and a prohibition on acquiring any new telecommunications resources during the period of blacklisting. 

More than 800 entities and individuals have been blacklisted as a result of these measures, and over 1.8 million SIP DIDs, mobile numbers, and other telecommunications resources have been deactivated as a consequence. As a consequence, fraudulent commercial communications have been eliminated in large part. TRAI's directives call for access providers to list URLs, APKs, and links to OTTs within SMS content, and we have implemented this requirement with effect from October 1, 2024, to further enhance consumers' protection.

In an attempt to ensure consumer safety, a regulation moving forward will limit the use of links in text messages that have been verified and authorized by the user, thereby reducing the risk of consumers being exposed to harmful websites, fraudulent software, and other online risks. The '140xx' numbering series is further enhanced by migrating all telemarketing calls that originate from this series of numbers to the Distributed Ledger Platform (Blockchain) platform. In this way, the surveillance and control of telemarketing activities can be improved. 

There have also been advances in technical solutions being deployed by access providers to improve traceability to ensure that every entity involved in the message transmission, from the initial sender through to the final recipient, is accounted for within the chain of communication. Any traffic containing messages that omit a clearly defined chain of telemarketers and can be vverifiedor deviate from the pre-registered framework will be automatically rejected as of December 1, 2024. Several significant advancements are being made in regulatory oversight in the telecom sector as a result of these measures. Consumer protection is reinforced,d and accountability is enhanced within the industry as a result of these measures. 

To ensure that consumers have an easier and more convenient way to report unsolicited commercial communications violations, telecom service providers are required to prominently display complaint registration options on their official websites and mobile applications, making the complaint system more user-friendly and accessible for them. As part of this initiative, consumers will have the opportunity to easily flag non-compliant telemarketing practices, allowing the complaint process to be streamlined. Furthermore, service providers must provide consumers with a mandatory ‘opt-out’ option within all promotional messages to give them greater control over how they want to communicate. 

The new Consumer Rights Rule establishes a mandatory 90-day waiting period before marketers can re-engage users who have previously opted out of receiving marketing communication from a brand before re-initiating a consent request for them. By implementing this regulatory measure, the telecom industry will be able to protect consumers, eliminate aggressive advertising tactics, and develop a more consumer-centric approach to commercial messaging within its infrastructure.

It was announced yesterday that the Telecom Regulatory Authority of India (TRAI) has introduced stringent compliance requirements for access providers to make sure unsolicited commercial communications (UCC) are curbed more effectively. This new set of guidelines requires telecom companies to comply with stricter reporting standards, with financial penalties imposed on those companies that fail to accurately report UCC violations. 

According to the punishment structure, the initial fine of 2 lakh rupees for a first offence is followed by a fine of 5 lakhs for the second offence and a fine of 10 lakhs for subsequent violations. There has been a move by access providers to further enhance the level of regulatory compliance by mandating that telemarketers place security deposits that will be forfeited if any violation of telemarketing regulations occurs. A telecom operator may also be required by law to enter into legally binding agreements with telemarketers and commercial enterprises, which will explicitly define and specify their compliance obligations, as well as enumerating the repercussions of non-compliance. 

This means that reducing spam levels will be a major benefit for businesses while ensuring that they can communicate through authorized, transparent, and compliant channels, leading to a significant reduction in spam levels. TRAI aims to increase the consumer safety and security of the telecommunications ecosystem by enforcing these stringent requirements while simultaneously balancing regulatory oversight with legitimate business needs to engage with customers by the means approved by TRAI.
Read more »
Subscribe to: Comments (Atom)