Breach, Compliance Management, Data Security, Privacy

Sprint contractor reportedly stored non-Sprint customers’ phone bills on open server

Hundreds of thousands of cell phone bills and other documents belonging to AT&T, Verizon and T-Mobile customers were reportedly exposed after a Sprint contractor left them sitting on an open public server.

The documents had been collected and stored in the first place as part a marketing effort to persuade subscribers of rival carrier services to switch to Sprint, TechCrunch reported yesterday, identifying the contractor as marketing agency Deardorff Communications.

Discovered by the U.K.-based penetration testing company Fidus Information Security, the data set included 261,300 total documents, the majority of which were bills that contained customers' names, addresses, phone numbers and, in many cases, call histories. Other docs that TechCrunch observed included a bank statement, and a screenshot of a web page displaying subscribers' usernames, passwords and account PINs.

Fidus reported the data leak to Amazon, which in turn informed Deardorff. Jeff Deardorff, president of Deardorff Communications, told TechCrunch that the storage bucket was secured as of Wednesday, and that his company is investigating the incident as well as reviewing its policies and procedures. Sprint spokesperson Lisa Belot, meanwhile, told TechCrunch that it was "assured that the error has been corrected."

Bradley Barth

As director of community content at CyberRisk Alliance, Bradley Barth develops content for SC Media online conferences and events, as well as video/multimedia projects. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.