| ||Thread Tools|
|22nd May 2013, 09:01||#1|
Join Date: May 2010
Hacks labelled hackers for finding security hole
Telecoms companies involved in a US government scheme to provide an affordable phone service to the poor have threatened reporters who found a security hole in their Lifeline phone system with charges under the Computer Fraud and Abuse Act.
Scripps News reporters discovered 170,000 Lifeline phone customer records online that contained everything needed for identity theft. They asked for an interview with the COO of TerraCom and YourTel, which are the telcos who look after Lifeline, and were threatened with violating the Computer Fraud and Abuse Act.
Lifeline is a government programme offering affordable phone service for low-income citizens. Last year the FCC insisted that Lifeline phone collecting more sensitive information from citizens. They are not supposed to retain copies of the sensitive information.
Scripps News "Googled" the phone companies TerraCom and YourTel America to discover 170,000 files online, all of which contained sensitive information that would make identity theft a breeze for thieves.
The Scripps reporters videotaped the process showing how they found the documents. Attorney Jonathon Lee, acting for both telecoms outfits, threatened the hacks with violating the Computer Fraud and Abuse Act (CFAA).
Lee wrote a letter telling Scripps that the "intrusions and downloading" of sensitive records were associated with Scripps IP addresses. He warned that "the 'Scripps Hackers' have engaged in numerous violations of the Computer Fraud and Abuse Act by gaining unauthorised access into confidential computer files maintained for the Companies by Vcare, and by digitally transferring the information in these folders to Scripps.
The rest of the letter slammed the "Scripps Hackers" for the cost of breach notifications, demanded Scripps hand over all evidence as well as the identity and intentions of the hackers, and threatening a law suit.
TerraCom posted a security breach notice that states, "As far as we can tell, the vast majority of applicant data files were accessed by the Scripps Howard News Service, and we are sorry that personal data of Lifeline applicants was accessed by the News Service and possibly by other unauthorised persons."
However the move appears to be a cover for the fact that both companies are in hot water with the FCC. The watchdog said that it is investigating and could fine them both up to $1.5 million for a single violation of privacy.
Scripps added that the Indiana attorney general's office has launched an investigation into the release of TerraCom applicants' personal data. The Texas attorney general's office also is scrutinising the practices of TerraCom and YourTel.
But what is interesting is how a corporation can use the Computer Fraud and Abuse Act to try and cover up security cock-ups. This case was public, and Scripps did not back down, but how many other companies have managed to cover up their computer flaws with a scary letter to the editor from m'learned friend?
|Thread||Thread Starter||Forum||Replies||Last Post|
|Apple releases iOS 6.1.3 to patch lock screen security hole||Stefan Mileschin||WebNews||0||20th March 2013 11:17|
|New Security Hole Found in Wi-Fi Routers: Disable UPnP to Protect Yourself||Stefan Mileschin||WebNews||0||31st January 2013 08:48|
|Microsoft advises nuking Windows Gadgets after security hole discovery||Stefan Mileschin||WebNews||0||12th July 2012 10:31|
|Mozilla Patches 'Critical' Firefox Security Hole||Stefan Mileschin||WebNews||0||13th February 2012 10:07|
|Need Help Finding Your 8800 GT? (US/Canada Readers)||jmke||WebNews||1||9th November 2007 16:51|
|Microsoft Security Patch Can Cause Security Issues to Internet Explorer||jmke||WebNews||0||18th August 2006 11:09|
|Huge Security Hole Found in Symantec Antivirus Software||jmke||WebNews||0||27th May 2006 15:42|
|Hero - finding bad product||Sidney||General Madness - System Building Advice||0||16th May 2006 02:04|
|Helping finding a HSF||redmanmark||Hardware Overclocking and Case Modding||2||21st October 2005 23:00|
|iNav iGuidance v2.0, finding your way around||Sidney||WebNews||0||7th August 2004 06:23|