Hacked Business Owner Stuck With $52k Phone Bill

← Back to Stories (view on slashdot.org)

Hacked Business Owner Stuck With $52k Phone Bill

Posted by ScuttleMonkey on Friday December 19, 2008 @07:19AM from the build-a-better-mousetrap dept.

ubercam writes "A Canadian business man is on the hook for a $52,000 phone bill after someone hacked into his voice mail system and found a way to dial out. The hacker racked up the charges with calls to Bulgaria. The business owner noticed an odd message coming up on his call display (Feature 36), and alerted his provider, Manitoba Telecom Services. They referred him to their fraud department, who discovered the breach. MTS said that they would reverse the charges if the hacked equipment was theirs, but in this case it was customer owned. The ironic part is that the victim's company, HUB Computer Solutions, is in the business of computer and network security. They even offer to sell, configure and secure Cisco VoIP systems. Looks as though they even couldn't manage to secure their own system, which doesn't bode well for their customers." This certainly isn't the first time someone has exploited the phone system and stuck another with the bill. Maybe it's time for the phone company to get their fraud detection and prevention services at least on par with the credit card companies'.

9 of 300 comments (clear)

Min score:

Reason:

Sort:

Why would they do that? by GrenDel+Fuego · 2008-12-19 07:26 · Score: 5, Informative

This certainly isn't the first time someone has exploited the phone system and stuck another with the bill. Maybe it's time for the phone company to get their fraud detection and prevention services at least on par with what the credit card companies have done.
As long as the customers are responsible for the charges, they have no business reason to invest in fraud protection.
Bruce Schenier refers to this as an externality, and had written about it a number of times in the context of credit card security and computer security.
http://www.schneier.com/blog/archives/2007/01/information_sec_1.html
http://www.schneier.com/blog/archives/2006/03/credit_card_com.html
http://www.schneier.com/blog/archives/2005/10/preventing_iden.html
Not astonishingly suprising... by damn_registrars · 2008-12-19 07:26 · Score: 5, Interesting

I don't find this suprising in perspective of what people in the service sector usually have for themselves.

After all, what kind of car does your mechanic drive? Do you know when your mechanic last did an oil change on their own car?

Hint - the mechanic's car is usually fixed last, if ever.

In similar light I knew a cardiologist a few years back who died of heart failure.

It isn't easy to find time to maintain for yourself the same kind of equipment that you are paid to keep up for others.

--
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
1. Re:Not astonishingly suprising... by Spazztastic · 2008-12-19 07:48 · Score: 5, Interesting
  
  Or the old quote. The Carpenters house is always the one that is in least repair.
  Good point, their site runs Sharepoint and the Site Settings prompt is open to the world.
  
  http://www.hub.ca/default.aspx
  
  --
  Posts not to be taken literally. Almost everything is sarcasm.
2. Re:Not astonishingly suprising... by Anonymous Coward · 2008-12-19 09:06 · Score: 5, Funny
  
  [citation needed]
  Will this do?
Good luck with MTS. Seriously. by Abstrackt · 2008-12-19 07:29 · Score: 5, Interesting

I had a phone cable dug up recently because MTS didn't mark it on a cable locate. The responses ranged from "sorry, you're out of luck" to "where else are you going to go for phone service?" I feel bad for the guy, but unless he takes it to court he isn't getting any help from MTS.

--
They say a little knowledge is a dangerous thing, but it's not one half so bad as a lot of ignorance. - Terry Pratchett
Re:Bulgaria? by OhPlz · 2008-12-19 07:48 · Score: 5, Informative

Often times, the thief sells calls at clusters of payphones in low income urban areas. The calls are made to wherever the immigrants in the area came from. These rings have phone systems like this that they hijacked, stolen prepaid phone card lists, stolen credit card lists that they can use to place calls, and so on. This is where a lot of phishing leads to. If they think anyone is on to them, they can just walk away. The authorities rarely get involved because they're too difficult to catch and the dollar amounts aren't large enough. It's a great scam because it's easy and they don't have to risk taking delivery of anything. The minutes turn into cash.
Re:1-900... by gandhi_2 · 2008-12-19 08:11 · Score: 5, Interesting

I just spent 2 weeks in Bulgaria with the Utah Army National Guard.
Let me assure you, none of us had ever seen so many gorgeous women in one place.

--
THL phish sticks
Re:Yay for 4-digit pins by Anonymous Coward · 2008-12-19 08:14 · Score: 5, Funny

Incorrect PIN number. You have 9998 tries remaining.
Re:WTF? by mewsenews · 2008-12-19 08:14 · Score: 5, Interesting

Some context from a native of Winnipeg:
MTS is our AT&T, it's the big bad phone company. I believe it's the second largest company in our province, behind the power company. HUB is a tiny business that I had never heard of. This is very much a David vs. Goliath thing, the HUB guy wants MTS to go easy on the bill because they have money. MTS has dropped all responsibility because it's not their equipment that was hacked, but this guy has come back with "you should have notified me earlier of abnormal usage on my phone lines".
The HUB guy will have to lay off one of his staff unless MTS goes easy on this bill. His only method of leverage on MTS is to speak to the newspaper. That's the reason he's risking public embarrassment.