Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cell Phone Records for Sale

Posted by Zonk on from the privacy-is-for-congressmen dept.

tabdelgawad writes "The Washington Post has a good writeup on how 'data brokers' use various techniques to obtain cell phone records of individuals then offer them for sale to anyone who will pay. The data is obtained by either bribing phone company employees, or 'pretexting', or accessing unregistered customer accounts online. Although phone companies are the only source of this information (unlike, say SSNs which are available from many sources), one Cingular spokesman was quoted as saying that this is 'an infinitesimally small problem'."

3 of 124 comments (clear)

  1. Cell phone records by Anonymous Coward · · Score: 5, Funny

    Those are like mini-vinyl discs that you can plug into your phone for ringer tunes, right? I bet DJs will love them!

  2. "Infinitesimally" by kihjin · · Score: 5, Insightful

    This is basically a candied way of saying "there's only a few ways they can do it, so don't worry about it."

    Wrong. Compromise is as easy as one... that's right, one point of failure.

    It's still a vulnerability.

    --
    This slashdot-related signature is a stub. You can help kihjin by expanding it.
  3. I've been wondering about this for some time by suitepotato · · Score: 5, Interesting

    In certain circles, it is far from unknown that with a little grease to the palm and massage of the ego that you can get the weakest link in IT security, the human personnel, to compromise security and integrity of databases. It's been done for many years. Should it really surprise us that it happens with cell companies full of people who figure themselves underpaid for the work they do and having no real loyalties?

    People who purposely reveal any customer personal account information should be punished for it, and given what incentives they need to testify against those who put them to it, and those who did made examples of. We know it's been done for years in IT, we certainly don't need it to spread in the cell world. A solid shout of intolerance for this from the public is needed.

    Typically, this means that some politicians will make much, do little on topic, and load it with pork and rights abuses. So I'm not holding my breath.

    At the telecom place I work, even without strict rules in place, I have always practiced a challenge based system to get information that the real customer should know about their company account off the top of their head. Until we have two-part authentication, it's the best I can do. Too bad so many others see no problem in farking over other people.

    --
    If my grammar and spelling are off, I am [distracted/tired/careless] (take your pick)