XCast might become eXCast after DoJโ€™s $10m fine

Jan 04 2024

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter thatโ€™s noticed a perceptible dip in cybercrime whilst everyone and their mum is busy checking X for the #EpsteinClientList to drop ๐Ÿ’€๐Ÿ’€๐Ÿ’€

Todayโ€™s hottest cybersecurity news stories:

  • ๐Ÿ›๏ธ XCast might become eXCast after DoJโ€™s $10m fine ๐Ÿ’ธ

  • ๐Ÿ’ฐ Fines galore! NY fines hospital $300k for web trackers ๐Ÿ›ฐ๏ธ

  • ๐Ÿ“ž BTโ€™s deadline to remove Huawei from network whooses by ๐Ÿ“…

I donโ€™t wanna ROCK, DoJ!ย ๐ŸŽถ But youโ€™re making me feel so nice ๐Ÿ˜Š๐Ÿ™ˆ๐Ÿ˜‚ Take That, XCast. Oh wait, that was Robbie ๐Ÿ’€

The U.S. Department of Justice (DoJ) has cracked down on VoIP service provider XCast for allegedly aiding illegal telemarketing since January 2018, breaching the Telemarketing Sales Rule (TSR). ๐Ÿšจ

๐Ÿ›๏ธ The DoJ revealed that XCast flooded American consumers with billions of illegal robocalls, often impersonating government agencies and making false claims.

๐Ÿ‘ฎ To remedy the situation, XCast must now comply with stringent measures, including customer screening processes, to prevent further illegal telemarketing. Despite a hefty $10 million civil penalty judgement, the order is temporarily suspended due to XCast's financial constraints.

๐Ÿšซ The calls, reaching numbers on the National Do Not Call Registry, contained misleading information, threatening utility cutoffs or prompting urgent action on fake credit card charges. XCast is now required to sever ties with non-compliant firms and has been permanently barred from providing VoIP services without call-blocking safeguards.

๐ŸŒณ In a parallel move, the Federal Trade Commission (FTC) banned Response Tree for alleged dark pattern manipulations. Operating over 50 websites, the Californian company collected consumer data, selling it to telemarketers for millions of illegal calls.

The FTC has now prohibited Response Tree from engaging in or aiding robocalls and calls to numbers on the Do Not Call Registry.

Stay informed, stay protected! ๐Ÿ›ก๏ธ

Learn AI in 5 minutes a day. We'll teach you how to save time and earn more with AI. Join 400,000+ free daily readers for trending tools, productivity boosting prompts, the latest news, and more.

Empire State [AG] of mind fine ๐Ÿ˜

๐Ÿ”’ NewYork-Presbyterian Hospital Fined $300,000 Over HIPAA Violations ๐Ÿ”’

The New York State attorney general's office has slapped a hefty $300,000 fine on NewYork-Presbyterian Hospital (NYP) for privacy violations related to the improper use of tracking tools on its websites and patient portal.

๐Ÿฅ The hospital allegedly breached HIPAA rules by sharing patient information with third parties for marketing purposes, prompting the regulatory action.

HIPAA Hip Hooray ๐ŸŽ‰

As part of the settlement, NYP must take corrective measures, ensuring all third parties delete patient health information obtained through the tracking tools. The hospital, with over 2 million annual patient visits across 10 hospitals in NYC, had used tracking pixels and tags from tech vendors like Meta/Facebook and Google.

Following a report in June 2022, NYP discontinued the use of these technologies, conducting a forensic investigation and reporting the incident to the U.S. Department of Health and Human Services in March 2023. The fine underscores the importance of robust internal policies for third-party vetting and compliance with HIPAA regulations.

You Were Warned โš ๏ธ

While the HHS OCR has warned entities about potential HIPAA enforcement actions involving online trackers, the New York attorney general's office leads the charge in taking enforcement action.

Regulatory attorney Rachel Rose predicts increased HIPAA-related activities by state attorney general offices in 2024, citing a national focus on third-party issues and state breach notification law requirements.

Stay vigilant, stay compliant! ๐Ÿ›ก๏ธ

๐ŸŽฃ Catch of the Day!! ๐ŸŒŠ๐ŸŸ๐Ÿฆž

๐Ÿƒย The Motley Fool: โ€œFool me once, shame on โ€” shame on you. Fool me โ€” you can't get fooled again.โ€ Good olโ€™ George Dubya ๐Ÿ˜‚ Let us tell whoโ€™s not fooling around though; thatโ€™s the Crรผe ๐Ÿ‘€ at Motley Fool. Youโ€™d be a fool (alright, enough already! ๐Ÿ™ˆ) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! ๐Ÿ› Kidding aside, if you check out their website theyโ€™ve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets ๐Ÿค‘ย (LINK)


๐Ÿšตย Wander: Find your happy place. Cue Happy Gilmore flashback ๐ŸŒ๏ธโ›ณ๐ŸŒˆ๐Ÿ•Š๏ธ Mmmm Happy Placeโ€ฆ ๐Ÿ˜‡ So, weโ€™ve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, itโ€™s easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels sets Wander apart from your run of the mill American getaway ๐Ÿž๏ธ๐Ÿ˜ย (LINK)


๐ŸŒŠย Digital Ocean: If you build it they will come. Nope, weโ€™re not talking about a baseball field for ghosts โšพ๐Ÿ‘ป๐Ÿฟ (Great movie, to be fair ๐Ÿ™ˆ). This is the Digital Ocean whoโ€™ve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website youโ€™ll find yourself catching the buzz even if you canโ€™t code (guilty ๐Ÿ˜‘). But if you can and youโ€™re looking for somewhere to test things out or launch something new or simply enhance what youโ€™ve got, weโ€™d recommend checking out their services foโ€™ sho ๐Ÿ˜‰ And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother! ๐ŸŒฟย (LINK)

BT: Huawei fooling? It was never gonna happen ๐Ÿ’€๐Ÿ“…๐Ÿ™ƒ

๐Ÿ“ก BT Misses Deadline for Huawei Equipment Removal in Core Networks ๐Ÿ“ก

The deadline has passed for UK telecommunication companies to eliminate Huawei equipment from their core networks, with BT acknowledging that its 2G and 3G services still use non-compliant infrastructure. ๐Ÿšจ Despite this, the extent of potential consequences for BT remains uncertain.

โš ๏ธ Formal legal notices were issued to UK telecom operators in November 2022, mandating the removal of China-based Huawei equipment due to security concerns. The extended deadline of December 31, 2023, was granted after complaints from operators, including BT, about the initial January 28, 2023 deadline.

๐Ÿšฆ BT claims that over 99% of its core traffic, including 4G and 5G data sessions and voice calls, is now served by non-Huawei equipment. The remaining less than 1% comprises 2G and 3G services, and BT assures that it is actively working to complete the migration.

๐Ÿ’ธ Potential fines of up to 10% of turnover or ยฃ100,000 ($126,611) per day loom for non-compliance, pending Ofcom's progress report due on March 31. Observers suggest flexibility on deadlines to avoid immediate fines, considering the complexity of removing Huawei entirely from both fixed line and mobile networks.

Stay tuned for updates on telecom regulatory compliance! ๐ŸŒ

๐Ÿ—ž๏ธ Extra, Extra! Read all about it!

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • The GeekAI: A daily 3 min newsletter on what matters in AI, with all the new AI things coming to market its good to stay ahead of the curve.

  • Libby Copa:ย The Rebel Newsletter helps writers strengthen their writing and creative practice, navigate the publishing world, and turn their art into an act of rebellion.

  • Techspresso:ย Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, Tech Crunch etc)

Let us know what you think!

So long and thanks for reading all the phish!

Recent articles