Telmate, a widely used prison phone service, left millions of inmates’ and their contacts’ data exposed online, according to Comparitech. The company is behind an app called GettingOut, which gives prisoners a way to make monitored voice/video calls and to send texts to their loved ones. Due to the nature of the service, the exposed data included identifiable information and personal correspondences.
Comparitech security researcher Bob Diachenko discovered an unsecured database in early August containing 11 million records of inmates and their contacts, as well as 227 million message records. The prisoners’ records came with their full names, offense, religion, the facility they’re at, their relationship status, the medications they’re taking and even whether they identify as trans. Meanwhile, their contacts’ records included their names, their email, physical and even IP addresses, their phone numbers and their driver’s license ID details.