Known as the “American watchdog”, the FCC proved to be just that when this week two US mobile operators were slapped with fines after leaking sensitive information to the public. The FCC reported that YourTel Wireless along with TerraCom Wireless improperly stored proprietary information pertaining to 305,000 customers.
Because of sensitive customer information being improperly maintained and potentially leaked, the companies will pay a joint fine in the amount of $10 million.
According to the FCC’s order, the web service used by the two companies improperly stored secure information provided by the two mobile operators. Because of this, the records of all associated customers could have been accessed by the public.
The FCC explains in its filing that both YourTel Wireless and TerraCom Wireless offered customers a phone service called Lifeline Assistance, which typically targets lower income residents in the United States. During the registration process for this service, financial information is supposed to be provided by mobile customers to help company representatives determine qualification.
The reason the FCC considers this important is that Lifeline Assistance has financial backing of the government. In order for someone to qualify for this phone service, they must pass numerous verifications. However, these are also the very customers whose private information was compromised. Due to the way things were handled, these records were left wide open to public possession and perusal.
Early last year, an investigative reporter who worked for Scripps Howard News Service discovered that several companies were storing proprietary information, as well as documents provided by low-income applicants for the Lifeline service on an unprotected website. As such, this news service had access to over 128,000 confidential records and documents provided by applicants but also subscribers of Scripps’ services.
The reporter was able to find consumers’ data simply by conducting a quick Google search. After a single file was located, the file’s URL was shortened by Scripps, which then gained access to the full director of data for applicants and subscribers.