FCC: Mobile Carriers Posted Consumer Data

Two phone companies -- TerraCom Inc. and YourTel America Inc. -- unwittingly posted the Social Security numbers, driver's licenses and other sensitive data of up to 300,000 clients to the Internet, an investigation found, and federal regulators said Friday they plan to fine the companies.

As consumer data breaches go, the case -- and its $10 million fine -- is relatively small. But the incident is alarming because of how it unfolded: The companies participate in a government program called Lifeline, which subsidizes phone service for poor consumers. To crack down on fraudulent claims, federal regulators ordered carriers to collect identifiable information.

TerraCom Inc. and YourTel America, which are jointly owned, complied, but were so careless with the files that a reporter stumbled upon them during a simple Google search, according to the Federal Communications Commission.

In a written statement released Friday, Dale Schmick, chief operating officer of TerraCom Inc. and YourTel America Inc., said the companies have since increased its data security efforts and completed "multiple security audits to prevent future breaches from taking place."

"When faced with this instance of unauthorized access, we fully complied with state laws regarding notification of affected consumers," Schmick wrote. "We look forward to working with the FCC to resolve this matter and welcome the opportunity to correct the record with regard to our security processes."

But according to FCC investigators, even after company officials learned that the information could be accessed online, they failed to notify all potentially affected consumers. This deprived consumers "of any opportunity to take steps to protect their personal information from misuse by Internet thieves," the FCC wrote in its announcement.

FCC officials said the companies were required to collect sensitive data from consumers to check their eligibility. But, the FCC says the companies should have destroyed the data as soon they verified that...

Comments are closed.