Journalists threatened after finding massive data security lapse

  • Print.

A video of a Scripps reporter conducting a Google
query that located records posted online listing
sensitive information.

A team of investigative reporters landed in hot water after finding a massive data security lapse that put hundreds of people at serious risk of identity theft.

Journalists for the Scripps News Service notified Lifeline, the federal program for low-income Americans that offers a discounted phone service, within hours of discovering of a gaping security hole that exposed more than 170,000 records related to customers and applicants discovered through a basic Google search, Scripps Howard News Service reports. The “widely available” information involved people from at least 26 states and included Social Security numbers, scans of passports, driver’s licenses, tax records collected for two phone carriers participating in the program: Oklahoma City-based TerraCom Inc. and its affiliate, YourTel America Inc., according to the story.

Instead of a “thank you,” Jonathan Lee, legal counsel for TerraCom and YourTel, accused the reporters in a letter (PDF) of “numerous violations of the Computer Fraud and Abuse Act,” and claimed that the reporters, not the companies responsible for the data breach, should expect to pay any fines related to the leak, the Scripps Howard News Service reports.

David Giles, Scripps’ deputy general counsel, responded in a letter (PDF) to the accusation that the reporters “hacked” the information by calling on the companies to stop the “name calling and the legal posturing” and instead address the “apparent careless security practices” raised by the story, according to the report.

Hat tip: Slate.

Give us feedback, share a story tip or update, or report an error.