Charter Communications (NASDAQ: CHTR) reached a deal with the FCC over the agency’s investigation into whether the company violated the Commission’s rules related to network outages, including those impacting 911 service.
To settle the case, Charter admitted it failed to notify more than 1,000 911 call centers of a network outage on February 19, 2023, and didn’t meet reporting deadlines in the Network Outage Reporting System (NORS), as well as for other outages on March 31 and April 16 of last year. Charter also admitted it failed to meet other NORS reporting deadlines associated with “hundreds” of planned maintenance outages.
Charter will pay a $15 million civil penalty to the U.S. Treasury and implement what the FCC calls a “robust” compliance plan, including cybersecurity provisions. In exchange, the Commission drops the case.
Communication licensees are required to notify 911 call centers of outages that could potentially be affected as soon as possible but no later than 30 minutes. On February 19, 2023, Charter’s network monitoring tools began to trigger alerts indicating problems with a portion of its voice infrastructure network. The company determined its network was hit by a Denial of Service attack.
As a result, Charter experienced an interconnected VoIP telephony service outage that affected approximately 400,000 residential and commercial interconnected VoIP customers in portions of 41 states and the District of Columbia. Charter was able to restore service in less than four hours.
Charter filed its NORS report almost six hours late, according to the FCC. Because of a clerical error, Charter’s email notifying 911 call centers was not delivered to more than 1,000 locations.
Charter also told the FCC “based on a misunderstanding of the Commission’s rules,” hundreds of planned maintenance events may have met the criteria for filing a NORS report but were never submitted.
The FCC calls the inclusion of certain cybersecurity measures in Charter’s compliance plan “the first-of-its-kind.” They include network segmentation and vulnerability mitigation management—related to 911 communications services and network outage reporting. Charter has agreed to maintain and evolve its overall cybersecurity risk management program in accordance with the voluntary National Institute of Standards and Technology Cyber Security Framework, according to the Commission.
By Leslie Stimson, Inside Towers Washington Bureau Chief
Reader Interactions