A former Verizon Wireless network technician in Alabama has admitted to using company computers to steal and sell private customers' location and call data over a period of five years. As Ars Technica reports, Daniel Traeger of Birmingham faces up to five years in prison or a $250,000 fine for the federal hacking charge. As part of a plea deal, Traeger confessed that he sold the data to an unnamed private investigator.
According to the terms of the plea (PDF), Traeger and the PI made a deal sometime in 2009, when Traeger agreed to provide the information even though he was aware he was not authorized to access the data or provide it to a third party. Using two different internal systems, Traeger accessed call records and pinged the victims' cellphones to get their location. He then compiled all the data into spreadsheets which he passed along to the PI over email.
Traeger made only $50 per month, or about $25 per record, when he started selling the information. By the time he was finally caught in 2014, Traeger had racked up a nest egg of more than $10,000 from Verizon customers' private data. While Traeger's relatively small-time hack came from within the company, earlier this year Verizon's anti-hacking task force was hacked along with a cache of Enterprise customer data. Last year, Buzzfeed also reported that a vulnerability in Verizon's system made it painfully easy to access the accounts of home internet customers.