Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
    Digg this story   Add to del.icio.us  
Court case reveals workers regularly snoop
Published: 2008-02-25

A lawsuit filed by a woman fired from Wisconsin's largest electric utility for accessing sensitive records has revealed that employees frequently accessed sensitive customer information for their own gain, according to an article published by the Associated Press on Saturday.

Underscoring companies' lax oversight of their workers' access to customers' personal information, the case has revealed that employees at Milwaukee-based WE Energies regularly accessed records that included credit and banking information, payment histories, address and phone numbers, and Social Security numbers, according to the media report. Examples included a woman that often perused information on an ex-boyfriend, a woman who searched for the address of her child's father, and a part-time landlord who investigated prospective tenants. Another worker leaked information on a mayoral candidate's habit of paying heating bills late, possibly affecting the election, the article said.

"People were looking at an incredible number of accounts," Joan Shafer, WE Energies' vice president of customer service, said during a sworn deposition last year, according to the AP report. "Politicians, community leaders, board members, officers, family, friends. All over the place."

While privacy experts have worried about the large number of data breaches reported in the past two years, reports are increasingly coming to light of corporate employees and government workers using their positions of trust to access personal information. Earlier this month, a police officer in Dekalb County, Georgia, was suspended for five weeks for using a classified law-enforcement system to send fliers to the family and friends of a woman dating her husband, from whom she had separated. The fliers had a picture of the woman, the word "Homewrecker" written across the top and verses from the Bible on adultery. Last year, the Internal Revenue Service leveled more than 200 disciplinary actions against federal employees for illicitly accessing the financial information of private citizens, according to an Inspector General report cited by the Associated Press.

While insider threats to corporate data have garnered a great deal of attention, the privacy impact of workers in privileged positions has received less attention.

If you have tips or insights on this topic, please contact SecurityFocus.



Posted by: Robert Lemos
    Digg this story   Add to del.icio.us  
 
Comments Mode:







 

Privacy Statement
Copyright 2009, SecurityFocus