| ▲ | pigggg 5 hours ago | |||||||
It's literally a known thing at telcos in various roles they find people looking up folks dox regularly. If someone registers a complaint that someone access their data they'll look it up and deal with them. I once asked someone on the security /investigations side if you are logging what everyone is doing can't you easily find when folks are looking up stuff unrelated to their job? Their answer: we'd have to fire over half the people here - everyone is constantly looking up people's PII - celebrities, friends, enemies, etc. it's almost considered a unofficial perk of the job. This was from one of the largest US Telco carriers circa 2010. Maybe things have changed, hopefully. | ||||||||
| ▲ | pocksuppet 4 hours ago | parent | next [-] | |||||||
In Western Europe they would get fired and go to jail. That's why Western Europe doxx information is considered the most expensive in the world. It wasn't complicated to create that situation. They can just fire a few, drag one to court, and rely on the chilling effect. | ||||||||
| ▲ | dboreham an hour ago | parent | prev [-] | |||||||
Calling BS on that story. You don't need to fire anyone. You just rate limit access to lookups where the customer didn't initiate a support call themselves, and require supervisor approval and audit of said approvals on a regular basis. I've also worked on systems where accounts could be marked as sensitive (e.g. the celebrities) and those needed additional sign off to be accessed. | ||||||||
| ||||||||