It appears you have not yet registered with our community. To register please click here...

Go Back [M] > Madshrimps > WebNews
Hacks labelled hackers for finding security hole Hacks labelled hackers for finding security hole
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Hacks labelled hackers for finding security hole
Thread Tools
Old 22nd May 2013, 08:01   #1
[M] Reviewer
Stefan Mileschin's Avatar
Join Date: May 2010
Location: Romania
Posts: 107,835
Stefan Mileschin Freshly Registered
Default Hacks labelled hackers for finding security hole

Telecoms companies involved in a US government scheme to provide an affordable phone service to the poor have threatened reporters who found a security hole in their Lifeline phone system with charges under the Computer Fraud and Abuse Act.

Scripps News reporters discovered 170,000 Lifeline phone customer records online that contained everything needed for identity theft. They asked for an interview with the COO of TerraCom and YourTel, which are the telcos who look after Lifeline, and were threatened with violating the Computer Fraud and Abuse Act.

Lifeline is a government programme offering affordable phone service for low-income citizens. Last year the FCC insisted that Lifeline phone collecting more sensitive information from citizens. They are not supposed to retain copies of the sensitive information.

Scripps News "Googled" the phone companies TerraCom and YourTel America to discover 170,000 files online, all of which contained sensitive information that would make identity theft a breeze for thieves.

The Scripps reporters videotaped the process showing how they found the documents. Attorney Jonathon Lee, acting for both telecoms outfits, threatened the hacks with violating the Computer Fraud and Abuse Act (CFAA).

Lee wrote a letter telling Scripps that the "intrusions and downloading" of sensitive records were associated with Scripps IP addresses. He warned that "the 'Scripps Hackers' have engaged in numerous violations of the Computer Fraud and Abuse Act by gaining unauthorised access into confidential computer files maintained for the Companies by Vcare, and by digitally transferring the information in these folders to Scripps.

The rest of the letter slammed the "Scripps Hackers" for the cost of breach notifications, demanded Scripps hand over all evidence as well as the identity and intentions of the hackers, and threatening a law suit.

TerraCom posted a security breach notice that states, "As far as we can tell, the vast majority of applicant data files were accessed by the Scripps Howard News Service, and we are sorry that personal data of Lifeline applicants was accessed by the News Service and possibly by other unauthorised persons."

However the move appears to be a cover for the fact that both companies are in hot water with the FCC. The watchdog said that it is investigating and could fine them both up to $1.5 million for a single violation of privacy.

Scripps added that the Indiana attorney general's office has launched an investigation into the release of TerraCom applicants' personal data. The Texas attorney general's office also is scrutinising the practices of TerraCom and YourTel.

But what is interesting is how a corporation can use the Computer Fraud and Abuse Act to try and cover up security cock-ups. This case was public, and Scripps did not back down, but how many other companies have managed to cover up their computer flaws with a scary letter to the editor from m'learned friend?
Stefan Mileschin is offline   Reply With Quote

Similar Threads
Thread Thread Starter Forum Replies Last Post
Apple releases iOS 6.1.3 to patch lock screen security hole Stefan Mileschin WebNews 0 20th March 2013 10:17
New Security Hole Found in Wi-Fi Routers: Disable UPnP to Protect Yourself Stefan Mileschin WebNews 0 31st January 2013 07:48
Microsoft advises nuking Windows Gadgets after security hole discovery Stefan Mileschin WebNews 0 12th July 2012 09:31
Mozilla Patches 'Critical' Firefox Security Hole Stefan Mileschin WebNews 0 13th February 2012 09:07
Need Help Finding Your 8800 GT? (US/Canada Readers) jmke WebNews 1 9th November 2007 15:51
Microsoft Security Patch Can Cause Security Issues to Internet Explorer jmke WebNews 0 18th August 2006 10:09
Huge Security Hole Found in Symantec Antivirus Software jmke WebNews 0 27th May 2006 14:42
Hero - finding bad product Sidney General Madness - System Building Advice 0 16th May 2006 01:04
Helping finding a HSF redmanmark Hardware Overclocking and Case Modding 2 21st October 2005 22:00
iNav iGuidance v2.0, finding your way around Sidney WebNews 0 7th August 2004 05:23

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

All times are GMT +1. The time now is 01:55.

Powered by vBulletin® - Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO