Privacy on the Line: Scripps uncovered security risks for some Lifeline phone customers
Scripps Howard News Service
10:01 AM, May 19, 2013
Customers of Lifeline, a federal program for low-income Americans, benefit by getting discounted phone service.
But tens of thousands also face a liability: an increased risk of identity theft.
While looking into companies participating in the program, The Scripps News investigative team discovered more than 170,000 records posted online listing sensitive information such as Social Security numbers, home addresses and financial accounts of customers and applicants of Lifeline.
These unsecure records were widely available online this spring after being collected for two phone carriers participating in the program: Oklahoma City-based TerraCom Inc. and its affiliate, YourTel America Inc.
A simple online search into TerraCom yielded a Lifeline application that had been filled out and was posted on a site operated by Call Centers India Inc., under contract for TerraCom and YourTel.
A Scripps reporter conducted another Google query of that site, and the search engine returned scores of applications. Scripps videotaped the process.
The reporter immediately shared the findings with editors, who assembled an editorial, technical and legal team to responsibly and legally gather and secure the records for reporting purposes.
The Scripps team used computer code to download the publicly available records, securing them both electronically and physically. To verify the documents' authenticity, reporters contacted dozens of individuals named in them and spoke with privacy experts and others.
In a letter (http://bit.ly/jdlresponse), Jonathan Lee, a lawyer for both phone companies accused Scripps of accessing the records illegally.
Scripps denied that allegation (http://bit.ly/scrippsdenial) and offered to demonstrate how it found the documents online. A separate spokesman for the companies would not provide any details or evidence to support its allegations.
Schmick and company executives have declined Scripps' repeated requests for an interview. When asked how this security breach occurred, the spokesman would only say that the company was still investigating.