Security News > 2006 > February > AT&T sues small nonprofit company for hacking fees that trace back to it
http://www.sltrib.com/business/ci_3489614 By Bob Mims The Salt Lake Tribune 02/09/2006 AT&T Inc. raked in nearly $44 billion in revenues last year, and paid chairman and CEO Edward E. Whitacre Jr. $8.34 million in salary. Whitacre makes $340,000 more a year than the entire $8 million annual budget of HealthInsight, a Salt Lake City-based, 60-employee, nonprofit organization AT&T is suing in U.S. District Court. At issue: more than $25,500 in telephone charges the telecommunications giant acknowledges an unidentified hacker or hackers piled up, but for which it holds the hacker's victim, HealthInsight, responsible. "We've had some discussions with AT&T, but have been unable to resolve this," HealthInsight President and CEO Marc Bennett said Wednesday. "We don't believe we or any company should be responsible for calls we didn't make." AT&T, through its Logan attorneys Todd Turnblom and John Bailey, contends HealthInsight's security measures were inadequate. Further, the telecom says it warned HealthInsight three times that its system was being used to make unauthorized domestic and foreign calls, but the nonprofit failed to act. HealthInsight - which normally has less than $700 in long-distance fees for its Utah and Nevada operations combined - was billed for the $25,554.52 in unauthorized charges racked up on March 11, 2005. The hacker or hackers are thought to have gained access to AT&T's long-distance services through HealthInsight's toll-free line, voice mail and other systems. AT&T seeks the amount it says remains owed, plus interest, along with court and attorney fees to be determined at trial. Bennett stands by his staff's telecommunications security efforts, arguing that anyone can become the victim of a hacker, regardless of taking standard precautions. "We had what we were told were reasonable security measures in place," he said. HealthInsight, which splits its work among 40 Utah and 20 Nevada employees, advises health care providers on Medicare and Medicaid matters, and helps coordinate national programs aimed at improving care for diabetes, heart disease and stroke patients. _________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org