Cyber Incident Victim: Securus Technologies
Date:
Dec 2011
Location:
United States of America
Summary
A major security breach at Securus Technologies exposed over 70 million records of inmate phone calls, including metadata and downloadable audio recordings, spanning multiple states. The compromised data contained at least 14,000 calls between inmates and attorneys, indicating potential violations of attorney-client privilege and constitutional protections for legal communications. An anonymous hacker leaked the materials, alleging the company infringed on prisoners' rights, and revealed systemic vulnerabilities in Securus' data storage despite its claims of rigorous security standards. The breach exposed personal conversations and sensitive legal discussions, raising concerns about indefinite retention of recordings and inadequate safeguards for privileged calls. While the company asserted no evidence of a technology breach and attributed the leak to authorized user misconduct, the incident highlighted risks to privacy and legal integrity within correctional telecommunications systems. The ACLU characterized the exposure as a significant breach of confidentiality rights affecting incarcerated individuals and their contacts.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In November 2015, The Intercept reported a major security breach at Securus Technologies, a Dallas-based prison telecommunications provider, involving the exposure of over 70 million inmate phone call records spanning December 2011 to spring 2014. The data, leaked by an anonymous hacker via SecureDrop, included metadata such as inmates’ names, account numbers, called phone numbers, call durations, and direct URLs to downloadable audio recordings. The hacker claimed the action was motivated by Securus’s alleged violations of inmates’ constitutional rights. The compromised records covered calls from more than 63,000 inmates across 37 states to nearly 1.3 million unique phone numbers. A critical subset involved at least 14,000 recorded attorney-client conversations, identified by cross-referencing called numbers with public attorney directories. This figure likely underrepresented the total, as it excluded calls to attorneys’ cellphones. The breach raised immediate concerns about violations of attorney-client privilege and Sixth Amendment rights, with the ACLU calling it potentially "the most massive breach of the attorney-client privilege in modern U.S. history."

Securus, which provided phone services to over 1.2 million inmates in 2,200 facilities, marketed its Secure Call Platform as a secure system for monitoring and storing calls exclusively for authorized law enforcement use. The company had generated $404 million in revenue in 2014, partly through contracts requiring it to pay governments "site commissions" averaging 42% of call revenue. Despite promises of rigorous security and exemptions for privileged calls, the breach revealed systemic failures. The data was initially stored in a 37-gigabyte file with hundreds of tables, later consolidated by The Intercept into a single 144-million-record table before deduplication. The hack also exposed a prior July 2014 incident, documented in internal Securus emails, where three calls from inmate Aaron Hernandez were accessed by an unauthorized user in South Dakota. Following the 2015 disclosure, Securus disputed claims of a technological breach, attributing the leak to "individuals with authorized access" and emphasizing safeguards like attorney number registration and call warnings. The company stated it found "no evidence" of non-consensual attorney-client call recording but initiated law enforcement coordination. Legal experts highlighted broader implications, noting that indefinite storage of non-privileged calls—many containing personal or sensitive details—exceeded the original safety justification for monitoring and risked chilling attorney-client communications.
