Blaming the discoverer of a breach probably not a wise move
More on the Lifeline breach involving TerraCom and its affiliate YourTel America:
Scripps Howard News Service has its report on the breach here, and has also published a companion piece with video of how they discovered the breach. As reported previously, Scripps reports that when notified of the leak, TerraCom had accused Scripps of accessing the records illegally.
At least two states are now investigating the breach. According to Scripps:
The Indiana attorney general’s office, responding to Scripps’ reporting, has launched an investigation into the release of TerraCom applicants’ personal records. The Texas attorney general’s office is also making inquiries about the publicly posted information.
Indiana and Texas have the highest numbers of applicants potentially at risk — 17,419 and 10,799, respectively — a partial analysis of the records shows.
According to Scripps, personal information used to verify eligibility for the federally supported Lifeline program was not supposed to have been retained. If it turns out TerraCom was retaining the information, that’s a serious matter apart from the inadequate security that led to the leak. And blaming the entity that discovers and reports the breach will likely backfire.
IA ENG - May 21, 2013
What a circus. Some one helps, and notifies the company that their pants are around they ankles, and what a better way to take the heat off one self than to point fingers at someone that wants to help. Good going TerraCom – if they didn’t tell you of the breach, how much LONGER would have been blind to your own negligence?
Its probably a ploy by TerraCom to recoup losses by potentially suing someone who in good faith notifies the blind business. Ummmmm if they call that a business.
Hopefully Scipps can testify on the State and Federal side of the matter and see exactly what the heck is going on in the TerraCom meltdown.