A lawsuit against internet provider CenturyLink and AT&T-owned DirecTV alleges the companies fail to adequately protect personal customer data — to the point that it can be found through a simple internet search.
The suit was filed Monday in U.S. District Court in Seattle and seeks class action status. The plaintiff, James Jantos, a resident of King County, claims he discovered the issue last year when he ran an internet search on his phone number and came across a March 2017 bill for a bundle with CenturyLink and DirecTV he subscribed to that included his name, address, telephone number and other information. He performed other searches to make sure the information wasn’t just available to him because it was his account.
According to court documents, Jantos was able to find other subscribers’ personal information through internet searches. He had someone else run a search on his number, and that person was able to access his data.
Jantos, through legal representatives, alerted CenturyLink to the issue, the suit alleges. According to his suit, CenturyLink acknowledged that customer information had been made publicly available.
CenturyLink declined to comment on the suit. DirecTV parent company AT&T said it is reviewing the complaint and claimed the allegations do not involve DirecTV bills directly. Members of Jantos’ legal team have not returned a request for comment.
Jantos’ team asked for “punitive damages” and “liquidated damages computed at the rate of $100 a day for each violation.” The suit alleges that CenturyLink and DirecTV are in violation of Section 338 of the Communications Act, which says satellite carriers can’t disclose customer information without written consent and must take steps to protect customer information from being accessed by others.
Customer data privacy has become a major issue in recent years, with companies of all kinds coming under fire for hacks, data breaches and other situations. Facebook is in hot water over reports that Cambridge Analytica, a firm that uses data to determine voter personality traits and behavior, illegitimately obtained information about 50 million Facebook users to help conservative campaigns, including that of President Donald Trump.
Yesterday, online travel company Orbitz disclosed a potential hack of a legacy booking system that exposed two years worth of customer data and affected approximately 880,000 payment cards.