I worked for T-Mobile as an outsourced customer service drone for several years. This shit was happening a decade ago; T-Mo brought down heavy personal verification rules AND prohibited giving out call location data UNDER ANY CIRCUMSTANCES AT ALL over the phone even if the caller was able to verify every single detail on the account. I don't know what the policies are these days but a decade ago customer service reps were regularly being phished into giving sketchy PIs and sometimes just plain fucking stalkers critically private information. That it's still happening, just evolved to find a more potent blind spot, is gross but unsurprising.
T-Mo also had a policy that anyone claiming to be law enforcement would be immediately transferred to a dedicated department handling law enforcement requests for information. I don't know how that department actually handled calls and if they were vulnerable to phishing because their policies weren't listed on the intranet, at least not to a regular dude with generic CS permissions.
How is this even possible to get without a warrant, isn't this a massive breach of privacy?
The system will be there ready to use by the sounds of it. Perhaps illegal to use without a warrant, but available regardless.
Stalkers don't even need to pretend, most of these carriers are literally selling this information in an undisclosed market for Marketing companies.
I don't know what the state of things is now, but a decade ago any T-Mobile representative with access to the CSM (anyone who would be doing customer service calls of any kind) could pull up someone's account and see their entire call history for available record ranges including the datestamps and the tower ID the call was made from.
As a customer service agent, I needed to be able to look at a customer's call usage because I'd need to, for example, be able to look at how many minutes they used and patterns in the usage as part of handling their call. A customer whose family plan keeps on going over the supplied minutes and it's specifically because the teenager's phone is going through thousands of minutes of calls to five numbers, that would be something I would have been responsible for spotting and recommending a solution to the customer that mitigates that teenager's crazy usage (depending on what was available at the time).
When T-Mo brought the hammer down and banned reps from giving call details out, the call records still showed up for us but we were required to tell people to go look at their own usage records on the customer-account self-management website because of the privacy issues.
I don't know what T-Mo's customer service management software looks like today but I would hope that they tweaked it so reps just can't access what they shouldn't give out. Probably didn't change a bit.
Carriers were in the news some time ago where you could easily social engineer them to get a new SIM card and with that you get all "secure" things like SMS 2FA or password resets via phone.
This is basically no different, besides its not targeting for the phone number but location data.
This is actually how they've stolen youtube accounts in the past. Heard about it first with Boogie2988
tbf the policies of the carriers very likely DO check shit, but your security is only as good as your most unmotivated, dumbest, lowest-effort employee.
And I definitely worked with people in my call center who regularly did things they weren't supposed to do, against policy, but they got away with it because all of the cut corners added up to some of the best call stats in the department and management apparently didn't give a shit about anything but the results. The client, T-Mobile, cared a fucking hell of a lot because it was their immediate liability being toyed with, and that's probably why the corporate relationship between T-Mo and my outsourcing center's company went from strained to on fire at both ends of a destroyed bridge, but that's a whole other story.
In my experience, people working at call centers don't get paid enough to give a shit.
Can confirm, six years of dedicated work and I was earning $11.36/hour when they were paying new hires $10/hour. In hindsight I should've saved my paychecks up and quit after a year.
Haaaahahahahahahahahaaha!!!!!!
Post of 2019.
No need to be sorry. Sarcasm is often hard to read for some Facepunchers.
I graduated university in 2004 and moved back home with my dad. The intent was that I could stay with him until I found a job and got enough going to move out; it became apparent before long that the rules had changed because any job I could get did not pay for rent anywhere in town. Conceivably, I could've Scrooge McPennypinchered it and shlepped by on ramen while building up my resume with some drudge outsourcer phone center work before leveraging that into a job at the local ISP's in-town call center and use the money I saved up to cover the first month or two of rent in my own place after getting a new, better job. In theory, this could've happened.
Surprise, it didn't. Someone got a credit card.
It's crazy difficult man, I've found myself back at my mothers at 28 years of age, to my own shame. That said I've spent a decade on my own, worked up to managerial level in customer service, spent a little time at sea just to harden myself a little and now I'm working towards starting a degree in Astrophysics (fingers crossed, I'm about to start the access course.)
I'm shitting myself to return to a student, it feels like I'm going backwards but I know this is what I want. Never experienced financial security in my life, hope to achieve it some day. Good luck to yourself too bud.
As a fellow "customer service drone" for a telecom company, in this case Telenor here in Sweden; I'm glad that GDPR exists even if it makes my work more confusing but it prevents stuff like this fairly easy. Together with strict internal rules about handling police cases, this never really happens. It probably has happend by people who are sloppy and don't follow procedure but with the help of GDPR, a lot of the info that a stalker would want has actually been removed/we stopped keeping track of because it counts as "Personal Data" in GDPR, like individual phone calls that had no cost to them. Sure they are still logged somewhere but to a first line agent they aren't available, so even if you are sloppy and don't follow procedure the information doesn't actually exist.
However, with our technical tools, we can get real-time info about which attenna/cell a customer is currently connected to. Of course that is nothing we give out, not even to the right customer but it's scary to see that I've seen people give out this information pretty freely. So it's not perfect but at least companies having very strict procedures on these sort of cases helps to protect both themselves and their customers. I've had many people try to get information they have no right to get, but you can just quote GDPR and normal Swedish rights of ownership to basically politely tell them to go fuck themselves, or ask the actual owner or person in charge to call themselves or be able to identify themselves in the call.
I don't really know what I wanted with this post but I've worked in customer service for 2 years now, and cases like this grind against you a lot. More than angry customers or so.
I effectively never moved out, my dad moved out on me (I'm effectively looking after the house and covering my own utilities in exchange for living in it rent-free). I was fortunate that he saw the writing on the wall and knew I just didn't have a welcoming environment to move out in until my income doubled or better, because the housing market started catching mad fire in the early 90s and it hasn't stopped accelerating -- deeply exacerbated by foreign (mostly Chinese) speculative real estate purchases leaving million-dollar one-bedroom suburban homes empty year-round. Rather than try and kick me out or move me into some rental property with exploitative rates for substandard accomodation, he just moved out of the city to his retirement/'til-I-die home and left me where I was. And at the risk of derailing things further the housing speculation tax is going into effect, with the end of this month being the deadline to apply for exemption -- 99% of BC residents are expected to be exempt, as it only targets people who own property that isn't being used or is being used for Airbnb on the sly
Once upon a not-too-distant time, families lived as many as four (or more?) generations under one roof. Right now, living on your own is practically a privilege, and a very difficult one to obtain for young adults. As difficult as it might be to be back at home and having your life clash with your mom's from proximity, don't feel shame in it. Please don't feel shame to draw on the support of your family. The game is rigged and you didn't manage to glitch out of bounds and get past the catch-22, at least for a little while.
The important thing is to hold on because the sun always rises in the morning and it always brings a new day with new chances for things to get better.
I just know that the only way I'm going back to a call center job is if it's inbound calls, not outbound cold-call sales of any kind, and only if it's because it's that or homelessness/starvation. And you bet your ass I'll be looking for something else ASAP.
Sorry, you need to Log In to post a reply to this thread.
