Welcome to your new telco job – here's sudo access to a database with full customer info stored in the clear
ID: 36e533a8-f056-515a-addf-a630fd917099
STIX ID: report--36e533a8-f056-515a-addf-a630fd917099
Feed Name: The Register (Security)
A first-person account from the early 2000s where a new hire at a major US telco was granted sudo access to a production database containing names, addresses, Social Security numbers, and full credit card numbers stored in cleartext; after the DBA flagged the issue management deleted the data and reverted billing lookups to the central system. The story highlights failures in access control, lack of tokenization/encryption, and the insider/exposure risk from overly broad privileges.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
