Two US mobile operators have been fined $10 million jointly by the FCC after they stored customer information in publically accessible folders with no security in place.
According to Infosecurity, the regulator said that TerraCom and YourTel collected names, addresses, social security numbers, drivers licenses, and “other proprietary information (PI)” belonging to over 300,000 customers.
They were then stored on unprotected servers “that anyone in the world could access with a search engine and basic manipulation.” There was no attempt made to implement even password protection or encryption, exposing their customers to the risk of identity theft and other “serious consumer harms,” the FCC said.