SUBSCRIBE TO OUR FREE NEWSLETTER
Daily news & progressive opinion—funded by the people, not the corporations—delivered straight to your inbox.
5
#000000
#FFFFFF
5
#000000
#FFFFFF
Comcast Data Breach Leaks Thousands of Unlisted Phone Numbers
Aug 25, 2014
The longer my information is out there, the worse the issue gets, yet still no action. I have paid for unpublishing my information for years as I testified in a murder trial. Now, my wife, children, and I are [a]ll in danger; and I have nowhere to turn.
Four years ago, users of Comcast's phone service who had paid for their personal information to be unlisted noticed that something was amiss. Complaints started appearing from these individuals who found their names, addresses, and telephone numbers in phone directories both online and off.
Later, it was revealed that this breach of confidential information affected more than 74,000 individuals and households in California--over half of Comcast's users in California with unlisted numbers. While the breach hit California the hardest, it also occurred with Comcast customers in other states. These numbers were treated just like ordinary listed phone numbers, licensed by Comcast to "publishers," directory assistance providers, and apparently passed on to other databases and published for everyone to see.
This is but one example of how a mistake in an industry built upon the acquisition and selling of personal information can hurt people. And this is why California law requires phone companies to protect their customers' unlisted or non-published phone numbers.1 The California Public Utilities Commission (PUC) has opened up an investigation [pdf] to determine whether and to what extent Comcast may have broken the law in allowing this release of non-published numbers. EFF Senior Staff Attorney Lee Tien has submitted testimony [pdf] as an expert witness for the California PUC in this case.
These customers were paying Comcast every month to keep their personal information out of public databases. Many of these customers rely on having a non-published number to withhold their names, telephone numbers, and addresses from public lists, not only to preserve their privacy, but to protect their safety. Data breaches like Comcast's can have grave consequences; many complaints explicitly mention abusive relationships or serious threats. As one complainant wrote:
They have put my life in danger & this is not the littlest bit of exaggerating.... I'm tired of getting the runaround & have now contacted corporate office, being paraplegic already how am I suppose [sic] to protect myself from a man that has threatened to kill me...
Comcast claims to have first heard about this breach in October of 2012, and they reported the error to California's Public Utilities Commission in January 2013. However, the Commission has found complaints about wrongly published unlisted numbers from more than two years earlier.
While "getting the runaround" from Comcast has become a matter of course, these reports reveal the actual danger that can come from a breach. And such breaches will only happen more often as more data is collected, shared, and sold.
Earlier this year, the Federal Trade Commission released its long-awaited report on the hidden intricacies of the data economy, focusing on data brokers. Apparent is the scope of use for consumer data: from marketing to risk mitigation and debt collection. Information gleaned from phone number databases can be used to flesh out profiles of individuals, making them easier targets for advertising campaigns and services--and more visible to those who want to find them.
Senior citizens often unlist their phone numbers to escape unwanted telemarketer calls. Yet, as the FTC report and many articles note, seniors are one of the more sought after segments of the population, since they are often vulnerable to deals, tricks, and scams. (For a specific example, the New York Times covered the story of Charles Guthrie, who was duped after a data broker sold his number to thieves.)
Consumers with unlisted numbers have a serious expectation of privacy, and Comcast broke not only their contracts with these customers, but most likely the law. There will be an evidentiary hearing in this case in September.
An Urgent Message From Our Co-Founder
Dear Common Dreams reader, It’s been nearly 30 years since I co-founded Common Dreams with my late wife, Lina Newhouser. We had the radical notion that journalism should serve the public good, not corporate profits. It was clear to us from the outset what it would take to build such a project. No paid advertisements. No corporate sponsors. No millionaire publisher telling us what to think or do. Many people said we wouldn't last a year, but we proved those doubters wrong. Together with a tremendous team of journalists and dedicated staff, we built an independent media outlet free from the constraints of profits and corporate control. Our mission has always been simple: To inform. To inspire. To ignite change for the common good. Building Common Dreams was not easy. Our survival was never guaranteed. When you take on the most powerful forces—Wall Street greed, fossil fuel industry destruction, Big Tech lobbyists, and uber-rich oligarchs who have spent billions upon billions rigging the economy and democracy in their favor—the only bulwark you have is supporters who believe in your work. But here’s the urgent message from me today. It's never been this bad out there. And it's never been this hard to keep us going. At the very moment Common Dreams is most needed, the threats we face are intensifying. We need your support now more than ever. We don't accept corporate advertising and never will. We don't have a paywall because we don't think people should be blocked from critical news based on their ability to pay. Everything we do is funded by the donations of readers like you. When everyone does the little they can afford, we are strong. But if that support retreats or dries up, so do we. Will you donate now to make sure Common Dreams not only survives but thrives? —Craig Brown, Co-founder |
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 License.
Adi Kamdar
Adi Kamdar is an activist at the Electronic Frontier Foundation specializing in copyright, patent, free speech, and intermediary liability issues. You can follow Adi on his personal Twitter account at @adikamdar.
The longer my information is out there, the worse the issue gets, yet still no action. I have paid for unpublishing my information for years as I testified in a murder trial. Now, my wife, children, and I are [a]ll in danger; and I have nowhere to turn.
Four years ago, users of Comcast's phone service who had paid for their personal information to be unlisted noticed that something was amiss. Complaints started appearing from these individuals who found their names, addresses, and telephone numbers in phone directories both online and off.
Later, it was revealed that this breach of confidential information affected more than 74,000 individuals and households in California--over half of Comcast's users in California with unlisted numbers. While the breach hit California the hardest, it also occurred with Comcast customers in other states. These numbers were treated just like ordinary listed phone numbers, licensed by Comcast to "publishers," directory assistance providers, and apparently passed on to other databases and published for everyone to see.
This is but one example of how a mistake in an industry built upon the acquisition and selling of personal information can hurt people. And this is why California law requires phone companies to protect their customers' unlisted or non-published phone numbers.1 The California Public Utilities Commission (PUC) has opened up an investigation [pdf] to determine whether and to what extent Comcast may have broken the law in allowing this release of non-published numbers. EFF Senior Staff Attorney Lee Tien has submitted testimony [pdf] as an expert witness for the California PUC in this case.
These customers were paying Comcast every month to keep their personal information out of public databases. Many of these customers rely on having a non-published number to withhold their names, telephone numbers, and addresses from public lists, not only to preserve their privacy, but to protect their safety. Data breaches like Comcast's can have grave consequences; many complaints explicitly mention abusive relationships or serious threats. As one complainant wrote:
They have put my life in danger & this is not the littlest bit of exaggerating.... I'm tired of getting the runaround & have now contacted corporate office, being paraplegic already how am I suppose [sic] to protect myself from a man that has threatened to kill me...
Comcast claims to have first heard about this breach in October of 2012, and they reported the error to California's Public Utilities Commission in January 2013. However, the Commission has found complaints about wrongly published unlisted numbers from more than two years earlier.
While "getting the runaround" from Comcast has become a matter of course, these reports reveal the actual danger that can come from a breach. And such breaches will only happen more often as more data is collected, shared, and sold.
Earlier this year, the Federal Trade Commission released its long-awaited report on the hidden intricacies of the data economy, focusing on data brokers. Apparent is the scope of use for consumer data: from marketing to risk mitigation and debt collection. Information gleaned from phone number databases can be used to flesh out profiles of individuals, making them easier targets for advertising campaigns and services--and more visible to those who want to find them.
Senior citizens often unlist their phone numbers to escape unwanted telemarketer calls. Yet, as the FTC report and many articles note, seniors are one of the more sought after segments of the population, since they are often vulnerable to deals, tricks, and scams. (For a specific example, the New York Times covered the story of Charles Guthrie, who was duped after a data broker sold his number to thieves.)
Consumers with unlisted numbers have a serious expectation of privacy, and Comcast broke not only their contracts with these customers, but most likely the law. There will be an evidentiary hearing in this case in September.
Adi Kamdar
Adi Kamdar is an activist at the Electronic Frontier Foundation specializing in copyright, patent, free speech, and intermediary liability issues. You can follow Adi on his personal Twitter account at @adikamdar.
The longer my information is out there, the worse the issue gets, yet still no action. I have paid for unpublishing my information for years as I testified in a murder trial. Now, my wife, children, and I are [a]ll in danger; and I have nowhere to turn.
Four years ago, users of Comcast's phone service who had paid for their personal information to be unlisted noticed that something was amiss. Complaints started appearing from these individuals who found their names, addresses, and telephone numbers in phone directories both online and off.
Later, it was revealed that this breach of confidential information affected more than 74,000 individuals and households in California--over half of Comcast's users in California with unlisted numbers. While the breach hit California the hardest, it also occurred with Comcast customers in other states. These numbers were treated just like ordinary listed phone numbers, licensed by Comcast to "publishers," directory assistance providers, and apparently passed on to other databases and published for everyone to see.
This is but one example of how a mistake in an industry built upon the acquisition and selling of personal information can hurt people. And this is why California law requires phone companies to protect their customers' unlisted or non-published phone numbers.1 The California Public Utilities Commission (PUC) has opened up an investigation [pdf] to determine whether and to what extent Comcast may have broken the law in allowing this release of non-published numbers. EFF Senior Staff Attorney Lee Tien has submitted testimony [pdf] as an expert witness for the California PUC in this case.
These customers were paying Comcast every month to keep their personal information out of public databases. Many of these customers rely on having a non-published number to withhold their names, telephone numbers, and addresses from public lists, not only to preserve their privacy, but to protect their safety. Data breaches like Comcast's can have grave consequences; many complaints explicitly mention abusive relationships or serious threats. As one complainant wrote:
They have put my life in danger & this is not the littlest bit of exaggerating.... I'm tired of getting the runaround & have now contacted corporate office, being paraplegic already how am I suppose [sic] to protect myself from a man that has threatened to kill me...
Comcast claims to have first heard about this breach in October of 2012, and they reported the error to California's Public Utilities Commission in January 2013. However, the Commission has found complaints about wrongly published unlisted numbers from more than two years earlier.
While "getting the runaround" from Comcast has become a matter of course, these reports reveal the actual danger that can come from a breach. And such breaches will only happen more often as more data is collected, shared, and sold.
Earlier this year, the Federal Trade Commission released its long-awaited report on the hidden intricacies of the data economy, focusing on data brokers. Apparent is the scope of use for consumer data: from marketing to risk mitigation and debt collection. Information gleaned from phone number databases can be used to flesh out profiles of individuals, making them easier targets for advertising campaigns and services--and more visible to those who want to find them.
Senior citizens often unlist their phone numbers to escape unwanted telemarketer calls. Yet, as the FTC report and many articles note, seniors are one of the more sought after segments of the population, since they are often vulnerable to deals, tricks, and scams. (For a specific example, the New York Times covered the story of Charles Guthrie, who was duped after a data broker sold his number to thieves.)
Consumers with unlisted numbers have a serious expectation of privacy, and Comcast broke not only their contracts with these customers, but most likely the law. There will be an evidentiary hearing in this case in September.
We've had enough. The 1% own and operate the corporate media. They are doing everything they can to defend the status quo, squash dissent and protect the wealthy and the powerful. The Common Dreams media model is different. We cover the news that matters to the 99%. Our mission? To inform. To inspire. To ignite change for the common good. How? Nonprofit. Independent. Reader-supported. Free to read. Free to republish. Free to share. With no advertising. No paywalls. No selling of your data. Thousands of small donations fund our newsroom and allow us to continue publishing. Can you chip in? We can't do it without you. Thank you.