Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

The Straight Story

(48,121 posts)
Thu May 23, 2013, 11:12 AM May 2013

Journalists Find Massive Data Security Lapse, Get Threats Instead of Thanks

A “thank you” might be in order if you find a massive leak of a company’s sensitive customer records on the Internet and raise alarm so the problem can be fixed. But that’s not how it always goes down, as a team of investigative reporters for the Scripps News Service recently found out the hard way.

In a recent report, the Scripps journalists say they found through a basic Google search a gaping security hole exposing more than 170,000 records related to customers of and applicants for Lifeline, the federal program for low-income Americans that offers a discounted phone service. The information, involving people from at least 26 states, included Social Security numbers, scans of passports, driver’s licences, parole letters, food-stamp cards, tax records, home addresses, and financial accounts. Scripps reports that the records were “widely available online this spring after being collected for two phone carriers participating in the program: Oklahoma City-based TerraCom Inc. and its affiliate, YourTel America Inc.” A Scripps reporter first uncovered the records while searching for PDF files attached to the TerraCom website.

The data leak appears to have put hundreds of Lifeline customers at serious risk of identity theft and may constitute a violation of privacy and data protection laws. (Indiana’s attorney general is already reportedly probing the breach, and the FCC has commented that a single privacy violation could cost a company as much as $1.5 million.) Scripps says it notified the companies of the security hole and “within hours, (the records) no longer were publicly accessible.” But instead of thanking the journalists for flagging up the issue, Jonathan Lee, legal counsel for TerraCom and YourTel, sent an angry and threatening letter to Scripps, referring to “Scripps hackers” and accusing the reporters of “numerous violations of the Computer Fraud and Abuse Act.” In one bizarre passage, Lee even claims that it is Scripps, not the companies responsible for the data leak in the first place, that should expect to pay any fines:

Because the Scripps Hackers have put the Companies in the position of having to incur the costs of potentially complying with more than 20 state data breach notification laws, the Companies are likely to look to Scripps to reimburse them for those costs.


David Giles, Scripps’ deputy general counsel, responded to the accusation that the reporters “hacked” the information by calling on the companies to stop the “name calling and the legal posturing” and instead address the “apparent careless security practices” raised by the story. “Regardless of the flowery moniker you have used to characterize the bureau's newsgathering activities, the bureau's reporters have not violated the Computer Fraud and Abuse Act or any other law or regulation,” Giles wrote in a letter sent to TerraCom and YourTel’s lawyers earlier this month.

More Here
1 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
Journalists Find Massive Data Security Lapse, Get Threats Instead of Thanks (Original Post) The Straight Story May 2013 OP
If you're so poor that you need lifeline, it's unlikely most identity thieves have any interest. leveymg May 2013 #1

leveymg

(36,418 posts)
1. If you're so poor that you need lifeline, it's unlikely most identity thieves have any interest.
Thu May 23, 2013, 11:36 AM
May 2013

However, there may be others who might want a copy of those records to create a new you. This is a really serious breach.

Latest Discussions»General Discussion»Journalists Find Massive ...