Feeds

Want to snoop on your neighbors? Come and work in Wisconsin

'Politicians, community leaders, board members, officers, family, friends. All over the place'

Internet Security Threat Report 2014

A legal case against Wisconsin's largest utility has provided a candid glimpse into a world where employees use detailed company records to snoop on celebrities and ex-lovers.

According to this recently published article by the Associated Press, a massive database maintained by Milwaukee-based WE Energies has been routinely accessed by employees looking for dirt on enemies or who are merely nosy.

"People were looking at an incredible number of accounts," the utility's vice president of customer service, Joan Shafer, testified in a sworn deposition last year. "Politicians, community leaders, board members, officers, family, friends. All over the place."

Among the people caught up in the mass snooping was then-acting Milwaukee Mayor Marvin Pratt. In 2004, as he was running for that office, a utility employee helped leak information to the media that Pratt was often behind in paying his heating bills. Pratt lost the election.

Other examples included a landlord who snooped on tenants to learn about their finances, a woman who repeatedly accessed her ex-boyfriend's account and someone who accessed a man's address so he could be served court papers.

The massive database at WE Energies contains credit and banking information, payment histories, social security numbers, addresses, phone numbers and energy usage. It sometimes also includes income and medical information.

Between 2005 and 2007, WE Energies disciplined at least 17 employees for breaking policies regarding the access of confidential information. But Shafer testified that it would be "difficult, if not impossible" to uncover all the instances of misuse.

A spokesman said the company has safeguards in place to clamp down on the practice. He declined to name them.

While the case focused on the utility, it's not hard to imagine other companies - say, large search engines whose business model depends on storing huge amounts of information about its millions of users - having similar problems.

And it's not hard to imagine employees of government agencies doing the same thing. Indeed, last year, the IRS has taken 219 disciplinary actions, such as firings and suspensions, against employees who improperly accessed confidential information. That was more than twice the number from the previous year. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.