Ride the Lightning

FCC Takes On Data Security With $10 Million Fine

October 29, 2014

As The Washington Post reported, the Federal Communications Commission ventured into data security litigation last Friday, levying a $10 million fine against two telecom companies that allegedly stored personally identifiable customer data online without firewalls, encryption or password protection.

The two companies, YourTel America and TerraCom, share the same owners and management. From September 2012 to April 2013, according to the FCC, the companies collected information online from applicants to Lifeline, the government's telephone subsidy program for poor Americans. To prove their eligibility, potential customers are asked for personal information, including Social Security numbers, dates of birth, addresses, names and drivers' license numbers.

The companies apparently didn't store the data securely or destroy it when users had proved their eligibility. Allegedly they kept the information on publicly accessible Internet servers. Reporters found the data with a Google search and notified the FCC. As many as 300,000 customers may have been affected by the unsecured data.

Travis LeBlanc, the FCC's top enforcement official said "this is the first data security action [by the FCC], but it will not be the last."

E-mail:    Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq