An armed stalker only had to call himself a police officer to be believed and reveal confidential information.
Verizon made a serious mistake by transferring confidential data of one of its subscribers to an outsider who introduced himself as a law enforcement officer. This could literally cost the company's client his life.
According to the FBI, a certain Robert Glauner, using forged documents, received information from Verizon about a subscriber whom he met on an adult website. After that, the man began to pursue the victim, threaten her and even came to her home with a knife.
According to the case file, Glauner met the victim on the xHamster forum around August of this year. They started a romantic online relationship, which the woman soon broke off. However, Glauner continued to try to contact her, and by the end of September, his behavior became threatening.
The man sent a fake warrant to Verizon's department for processing requests from law enforcement agencies to provide data allegedly on behalf of a police officer named Stephen Cooper. The letter referred to a murder investigation in which the owner of the specified phone number is suspected. It was reported that the suspect fled the scene of the crime and urgently needed to provide data for her capture.
The fake warrant sent by the man contained obvious inconsistencies: incorrect format, lack of additional forms required for North Carolina. In addition, the Kari city Police department, on whose behalf the request was allegedly sent, does not have an employee named Stephen Cooper. The judge's signature on the document also turned out to be fake. Finally, the email was sent from ProtonMail, which is not used by government agencies.
Despite all these signs of fraud, an hour after receiving the letter, Verizon called back "police officer Stephen Cooper", who said in the letter that he had received information that the murder suspect was going to flee to Puerto Rico. After that, the company urgently transferred confidential data of the victim to the attacker, including her home address and call log.
Having gained access to personal data, Glauner began to actively pursue the victim: he called her, sent threatening messages, and contacted her family. It also turned out that the man was already wanted by the San Diego police on charges of stalking-his previous victim changed his phone number 4 times in recent months, but he repeatedly got to her.
Finally, Glauner threatened the victim with physical violence and said that he was going to her home. Law enforcement officers quickly set up surveillance of the victim and detained the criminal on arrival. Drugs, a folding knife and several coils of rope were found in the man's car.
This incident demonstrates the importance of a thorough review of all requests for confidential data on behalf of law enforcement agencies. Verizon acknowledged the mistake and promised to continue to take a more responsible approach to such issues. However, the negligence of the employees almost cost the victim his life.
Such cases of fraud for obtaining subscribers personal data are becoming more and more common. Attackers often present themselves as police officers investigating crimes and ask operators to urgently provide information about a particular subscriber.
To prevent such incidents, companies that hold customers personal data must first fully verify the authenticity of the documents and the identity of the requester, and only then transmit the necessary data. It would also be useful to introduce additional measures to verify emergency requests, including direct contact with law enforcement agencies, in order to eliminate the risk of fraud.
Verizon made a serious mistake by transferring confidential data of one of its subscribers to an outsider who introduced himself as a law enforcement officer. This could literally cost the company's client his life.
According to the FBI, a certain Robert Glauner, using forged documents, received information from Verizon about a subscriber whom he met on an adult website. After that, the man began to pursue the victim, threaten her and even came to her home with a knife.
According to the case file, Glauner met the victim on the xHamster forum around August of this year. They started a romantic online relationship, which the woman soon broke off. However, Glauner continued to try to contact her, and by the end of September, his behavior became threatening.
The man sent a fake warrant to Verizon's department for processing requests from law enforcement agencies to provide data allegedly on behalf of a police officer named Stephen Cooper. The letter referred to a murder investigation in which the owner of the specified phone number is suspected. It was reported that the suspect fled the scene of the crime and urgently needed to provide data for her capture.
The fake warrant sent by the man contained obvious inconsistencies: incorrect format, lack of additional forms required for North Carolina. In addition, the Kari city Police department, on whose behalf the request was allegedly sent, does not have an employee named Stephen Cooper. The judge's signature on the document also turned out to be fake. Finally, the email was sent from ProtonMail, which is not used by government agencies.
Despite all these signs of fraud, an hour after receiving the letter, Verizon called back "police officer Stephen Cooper", who said in the letter that he had received information that the murder suspect was going to flee to Puerto Rico. After that, the company urgently transferred confidential data of the victim to the attacker, including her home address and call log.
Having gained access to personal data, Glauner began to actively pursue the victim: he called her, sent threatening messages, and contacted her family. It also turned out that the man was already wanted by the San Diego police on charges of stalking-his previous victim changed his phone number 4 times in recent months, but he repeatedly got to her.
Finally, Glauner threatened the victim with physical violence and said that he was going to her home. Law enforcement officers quickly set up surveillance of the victim and detained the criminal on arrival. Drugs, a folding knife and several coils of rope were found in the man's car.
This incident demonstrates the importance of a thorough review of all requests for confidential data on behalf of law enforcement agencies. Verizon acknowledged the mistake and promised to continue to take a more responsible approach to such issues. However, the negligence of the employees almost cost the victim his life.
Such cases of fraud for obtaining subscribers personal data are becoming more and more common. Attackers often present themselves as police officers investigating crimes and ask operators to urgently provide information about a particular subscriber.
To prevent such incidents, companies that hold customers personal data must first fully verify the authenticity of the documents and the identity of the requester, and only then transmit the necessary data. It would also be useful to introduce additional measures to verify emergency requests, including direct contact with law enforcement agencies, in order to eliminate the risk of fraud.
