A prison technology company has a way to track almost any cell phone in the United States — and it reportedly just got hacked


Securus is a prison technology company best known for providing phone services for inmates.
One of its lesser-known services is a geolocation service that lets law enforcement track almost any cell phone within seconds.
Last week, the New York Times reported that a Missouri sheriff is accused of using Securus technology to track people, including a judge, without a warrant. The incident raised security and privacy concerns.
According to Motherboard, a hacker was able to breach the company’s server, and supplied the publication with internal documents.

Securus, a prison technology company used by law enforcement agencies across the country, has allegedly had its data breached by a hacker, reports Motherboard.

The 10-year-old company came into the spotlight last week, when the New York Times reported that Cory Hutcheson, a former Missouri sheriff, was accused of allegedly using Securus services to track the whereabouts of people’s cellphones, including a judge and members of the highway patrol, without warrants. Hutcheson pled not guilty.

The Dallas-based company is one of the leading providers of prison phone services, enabling inmates to communicate with the outside world. However, it also offers an additional feature to its customers in law enforcement — the ability to track the location of any cell phone across the country, in seconds.

In theory, this location service is meant for benevolent uses, like helping law enforcement solve crimes, or hospitals to recover wayward patients with Alzheimers. Furthermore, when inmates make a phone call, it gives prison staff a way to know where, exactly, the person they’re speaking with is located.

Ahead of the Times report, however, Senator Ron Wyden (D-OR) wrote a letter to the FCC, as well as AT&T, Verizon, Sprint, T-Mobile, and other wireless service providers, demanding answers on the privacy implications of the location-tracking services offered by Securus, as well as asking for safeguards against the misuse of the service.

Furthermore, the Times reports that Securus’ tracking tech works even if GPS is switched off on the target’s phone: It uses cell phone towers to triangulate the phone’s location, using tech originally invented for marketing. ZDNet has a deeper dive on how this feat is accomplished, and how Securus seems to use middleman companies to stay within the law.

It’s difficult to know how widely this service is being used — not every Securus customer takes advantage of the geolocation feature. However, it is fair to say that Securus is very popular with domestic law enforcement agencies and prisons, with the Times reporting that its customers number in the thousands.

On Wednesday, less than a week after the Times published its story, Motherboard reported that hackers had supplied it with a spreadsheet of internal company files on customers who had bought Securus services since 2011, including personal information on 2,800 Securus users.

Motherboard described the contents of this breach as including “poorly secured passwords for thousands of Securus’ law enforcement customers,” as well as usernames, email addresses, phone numbers, and other personal information. And Motherboard reports that it was able …read more

Source:: Business Insider


(Visited 9 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *