Millions of prisoners' personal information were leaked online after Telmate's massive data breach. Comparitech's report stated that the widely used prison phone service left millions of inmates' and their contacts' data exposed online.
Telmate data breach leaked personal info for millions of prisoners https://t.co/PdoC2xPpQS pic.twitter.com/x9RCXj9gkz — Michelle Ann Garcia (@Michelle_Gar23) September 5, 2020
Also Read: Security Company is Urging Android Users to Delete These Six Apps That Can Access Your Bank Account
Telmate uses an app called "GettingOut" that allows the prisoners to conduct monitored video or voice calls and send texts to their loved ones. Because of the service's feature. Identifiable information and personal correspondences are included in the exposed data.
Bob Diachenko, a Comparitech security researcher, found an unsecured database in early Aug. 11 million records of inmates and their contacts, including 227 million message records. 78,885 administrative records were also identified, containing login details for the Telmate dashboard
The leaked data contains their full names, religion, crimes, facilities, relationship status, as well as their medications and their identities, whether they are transgender or not. On the other hand, their contact's records included their names, physical and IP addresses, emails, phone numbers, and driver's license ID details.
Telmate's owner quickly addressed the issue, securing the breached database
Comparitech stated that Global Tel Link, the owner of Telmate, quickly secured the database in just a few hours after receiving the report about the leaked data. GTL explained that one of its vendors was responsible for the incident.
Prison conversation between two inmates: What are you in for? Mass Murder. You? Failing to report a data breach!https://t.co/6ccxrydcvm pic.twitter.com/czwnJkarNI — Fraud Solutions (@fraudservices) February 10, 2017
The company clarified there are no passwords, medical data, or consumer payment information were affected. However, the database doesn't need a password for access, suggesting that the hackers could've extracted the information, leaving the prisoners and their contacts possible targets for identity theft, fraud, and phishing schemes.
The worst-case scenario would be making the prisoners' contacts vulnerable to discrimination and harassment. The incident is not the first case Telmate and GTL have been involved.
The company and its service were previously accused of price gouging prisoners and their families or friends, charging them with unreasonable high call rates. It was revealed that Telmate is using billing practices that make the call charges higher than the normal price rates.
For more news updates about hackers or security vulnerabilities, always keep your tabs open here at TechTimes.
Also Read: Police Jailed A Wrong Person for 6 Days; Critics Warn About 'Geofence Warrant'
This article is owned by TechTimes,
Written by: Giuliano de Leon.