logo

Welcome to your new telco job – here's sudo access to a database with full customer info stored in the clear

ID: 36e533a8-f056-515a-addf-a630fd917099

STIX ID: report--36e533a8-f056-515a-addf-a630fd917099

Feed Name: The Register (Security)

Threat Score
60/100

Date Published: 2026-06-18

Date Updated: 2026-06-18

...
...

A first-person account from the early 2000s where a new hire at a major US telco was granted sudo access to a production database containing names, addresses, Social Security numbers, and full credit card numbers stored in cleartext; after the DBA flagged the issue management deleted the data and reverted billing lookups to the central system. The story highlights failures in access control, lack of tokenization/encryption, and the insider/exposure risk from overly broad privileges.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.