A security lapse at prison pay phone service Pay Tel publicly exposed over 300K callers’ driver’s licenses

A security lapse at prison pay phone service Pay Tel publicly exposed over 300K callers’ driver’s licenses

Pay Tel, a service that facilitates phone calls for inmates, has inadvertently exposed a significant security vulnerability, leading to the public accessibility of a cloud server containing sensitive personal data. Cybersecurity firm UpGuard uncovered the issue, revealing that a Microsoft Azure-hosted server held at least 300,000 scans of driver’s licenses and other government-issued identification documents used by Pay Tel customers. The server was found to be unsecured, lacking a password, which allowed anyone with internet access to locate and view the stored data. Pay Tel provides communication devices, such as tablets, to prisons across the United States, requiring customers to submit identification documents and profile photos for service activation. Unfortunately, this sensitive information was among the data that became exposed. In addition to personal identification, researchers from UpGuard indicated that various inmate communications—including text messages, handwritten notes, and financial records—were also compromised due to this security breach. UpGuard notified Pay Tel about the vulnerability on May 7, and despite follow-ups, it appears the server remained unsecured for several days. As of now, Pay Tel has not publicly acknowledged this security incident. This leak adds to a worrying trend where technology companies fail to adequately protect sensitive user information, often due to misconfigurations or inadequate cybersecurity practices. UpGuard highlighted that many of the uploaded images contained geolocation data, which could potentially reveal the home addresses of the individuals involved. This incident marks Pay Tel's second known security issue in just two years, following a ransomware attack in June 2025. The company's president, Vincent Townsend, has not responded to inquiries regarding this latest breach, and it remains uncertain whether affected individuals will be notified or if any legal obligations under state data breach laws will be fulfilled. The accountability for cybersecurity practices at Pay Tel remains unclear.

Sources : TechCrunch

Published On : May 28, 2026, 18:35

Startups
Robinhood's CEO Envisions AI Trading Agents Matching Human Expertise

Vlad Tenev, the CEO of Robinhood, has made a bold prediction about the future of trading: artificial intelligence agents...

CNBC | Jul 02, 2026, 10:25
Robinhood's CEO Envisions AI Trading Agents Matching Human Expertise
AI
SpaceX Dives Into AI: A Bold Move Towards a Revolutionary Device

SpaceX, led by Elon Musk, is venturing into the realm of artificial intelligence with a prototype for a groundbreaking g...

Business Today | Jul 02, 2026, 06:50
SpaceX Dives Into AI: A Bold Move Towards a Revolutionary Device
AI
Indian Entrepreneur Invests $30 Million to Create AI-Driven Workplace Solution

Bhavin Turakhia, a prominent figure in the Indian tech industry, is investing a personal sum of $30 million to establish...

TechCrunch | Jul 02, 2026, 05:50
Indian Entrepreneur Invests $30 Million to Create AI-Driven Workplace Solution
AI
Base44 Unveils Custom AI Model to Revolutionize Website Design

Base44, a San Francisco-based startup, is on a mission to transform the way users create websites, offering a fresh alte...

Business Insider | Jul 02, 2026, 05:00
Base44 Unveils Custom AI Model to Revolutionize Website Design
Cybersecurity
India Demands Answers from Meta Over WhatsApp's Controversial Username Feature

WhatsApp's new privacy feature, known as 'Usernames', is currently under intense scrutiny in India due to rising concern...

Business Today | Jul 02, 2026, 05:50
India Demands Answers from Meta Over WhatsApp's Controversial Username Feature
View All News