Qwest glitch exposes customer data
Telecom giant Qwest Communications acknowledged Thursday that a glitch in its Web-based paperless billing system left some long-distance customer records exposed for over a week.
Qwest offers long-distance customers a price break if they forgo printed statements and pay their bills with a credit card though the company's Web site. Subscribers who avail themselves of the service are offered a choice of logging in with a phone number and calling card PIN, or a user-specified name and password.
Earlier this month the system stopped checking passwords, allowing anyone who enters a valid username to access that subscriber's billing record, including the type of phone service for which they're signed-up, their name and billing address, the name on any calling cards issued though the account, and a complete copy of their most recent phone bill.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.