1. Home
  2. Services
  3. Prison Phone Company Hit With Massive Data Breach

Prison Phone Company Hit With Massive Data Breach

By Alice Ollstein - ThinkProgress

November 11, 2015

An unnamed hacker leaked documents to the news site The Intercept revealing a major data breach by the prison phone company Securus Technologies. At least 70 million call records from prisoners in 37 states over two years were released, including thousands of calls that never should have been recorded and stored in the first place: confidential conversations between attorneys and their incarcerated clients.

Calling it “the most massive breach of the attorney-client privilege in modern U.S. history,” the American Civil Liberties Union told The Intercept that while prisoners lose many of their constitutional rights, the right to speak privately with an attorney — related to the Sixth Amendment — must be protected.

Similar allegations of privacy violations have cropped up before, with serious repercussions.

In 2008, an attorney in San Diego, California discovered that a confidential phone call he had with an inmate about trial strategy had been recorded and shared with local prosecutors. This has also happened in Florida, Texas, Michigan and other states, and has lead, in some cases, to charges getting dismissed against inmates whose calls were illegally monitored.

More lawsuits from prisoners are expected following the new revelations about Securus’ data breach.

Securus is a for-profit corporation that makes hundreds of millions of dollars a year from exclusive contracts with thousands of jails and prisons across the U.S., in which it gets to charge prisoners more than a dollar a minute, in addition to a host of extra fees. It is one of a tiny handful of companies that control the prison phone industry, and has used its power and influence to try to shape policy. Recently, Securus threatened to the sue the Federal Communications Commission over a new rule that would make prison phone calls more affordable for struggling families.

In a statement sent to ThinkProgress on Wednesday, Securus says that while an investigation into the data leak is ongoing, they suspect that someone with authorized access to their phone records released the data as opposed to an outside hack. 

The corporation denies that conversations between inmates and lawyers were illegally monitored, as the Intercept story claims. "It is very important to note that we have found absolutely no evidence of attorney-client calls that were recorded without the knowledge and consent of those parties," the statement says. "Our calling systems include multiple safeguards to prevent this from occurring. Attorneys are able to register their numbers to exempt them from the recording that is standard for other inmate calls. Those attorneys who did not register their numbers would also hear a warning about recording prior to the beginning of each call, requiring active acceptance." 

Securus notes that they are coordinating with law enforcement and will provide updates to the public as the investigation progresses.