Every once in a while you get to a point in your career where you think
you’ve seen and heard it all.Then out of nowhere comes an event that at ﬁrst
seems somewhat bizarre, but the more you think about it, the more sense it
A telecommunications company in the U.S. had an interesting situation.
They discovered that certain operators were giving out confidential cus-
tomer data to “ethically flexible” private investigators who were researching
divorce cases. It appeared that during an investigation, a private investigator
would work with one of the company’s operator to glean the calling records
of the persons they were investigating: Who did the person call? Who did
those people call, and so on? This was explicitly against company policy, and
all operators had been trained to never give information out without prop-
erly authenticating the caller to ensure that the data they requested
belonged to them.
But the success of these inquiries only required that the private investiga-
tors ﬁnd an operator sympathetic to their cause. In this particular case, the
operator was looking for a little extra cash, and perhaps didn’t feel that what
she was doing was all that bad, or she may even have viewed herself as a vigi-
lante of sorts. Whatever the case, the investigator now had an insider who
could help carry out the scheme.
While the phone company knew this was happening, it was hard to ﬁgure
out which operator was giving out the restricted information. Most of the
employees were temporaries—college students—so the turnover rate was rela-
tively high. Also, the sheer volume of calls, number of operators, and number
of customer ﬁles made investigation a daunting task. However, as with most
systems I’ve discussed, the operator’s phone system and ﬁle access activity cre-
ated logs. Further, the telephone system and database ﬁles were actually one
integrated system. Every time an operator received a call, the information was
logged, and ﬁles that the operator accessed during that call were also logged,
based on the time slice for the duration of each call.
The program that the operators used had been in place for several years,
but logs were very rarely—if ever—actually analyzed for anything except
statistics on the number of calls per operator, call duration, and other cus-
tomer service measurements.
124 Chapter 7 • Collaborative Threat—A Telecommunications Company in the U.S.
424_Wtr_Clr_07.qxd 7/27/06 1:37 PM Page 124