TikTok was aware its age restrictions were ineffective and thousands of minors were able to access its Live feed product, an internal investigation for the social media company showed, according to the Utah attorney general's office. The office on Friday announced the release of details that were previously redacted in its complaint filed in June against TikTok.
T-Mobile knew for years about cybersecurity vulnerabilities that led to a 2021 data breach, alleged Washington Attorney General Bob Ferguson (D) in a lawsuit against the wireless carrier Monday. The AG sought damages and injunctive relief under the state’s consumer protection and data breach notification laws in the state’s King County Superior Court (case 25-2-00308-6). Ferguson said that T-Mobile failed to adequately secure sensitive personal data of about 2 million Washington residents. Also, the company didn’t sufficiently inform customers about the breach, downplaying its severity and not disclosing everything that was compromised, he alleged. Customers received brief text messages about the breach “that omitted critical and legally required information,” said the AG office: And some customers didn’t receive information about social security numbers being exposed. “This significant data breach was entirely avoidable,” Ferguson said. “T-Mobile had years to fix key vulnerabilities in its cybersecurity systems -- and it failed.” The 2021 data breach exposes personal information of about 79 million customers nationwide.
Vermont and Washington state will soon introduce comprehensive privacy bills, while Connecticut will have a bill that would add data minimization rules and make other changes to its 2022 law, legislators told Privacy Daily ahead of sessions starting this month. Also, legislators in Oklahoma and South Carolina prefiled bills last month for the 2025 legislative sessions. Additional privacy bills are expected this year in several other states, said privacy lawyers and consumer advocates in other interviews.