A new report by the Guardian has revealed yet another alarming breach of security from the firms we trust with our communications. A supposed Skype transcription program in China ran with "no security measures" protecting Skype customers and their recordings.
No security measures
A former contractor revealed that Skype recordings were simply accessed on their personal laptops. There was no cybersecurity aid to protect the data from criminal or state interference.
More shockingly, the employees were encouraged to use the same password for all their work accounts for ease of management. “There were no security measures, I don’t even remember them doing proper KYC [know your customer] on me. I think they just took my Chinese bank account details,” the former employee told the Guardian.
He added that after a while he was allowed to do the work from home where security measures were even laxer. "I judged British English (because I’m British), so I listened to people who had their Microsoft device set to British English, and I had access to all of this from my home laptop with a simple username and password login," the contractor said.
“They just give me a login over email and I will then have access to Cortana recordings. I could then hypothetically share this login with anyone,” the contractor added. “I heard all kinds of unusual conversations, including what could have been domestic violence. It sounds a bit crazy now, after educating myself on computer security, that they gave me the URL, a username and password sent over email.”
We have had an inkling that actual humans were listening to our calls since Motherboard broke the news last August. Motherboard actually acquired Skype audio from people talking "intimately to loved ones, some chatting about personal issues such as their weight loss, and others seemingly discussing relationship problems."
This is troublesome, to say the least, and makes us think twice about where we put our trust. With all these privacy scandals breaking through all the time, is there any communications firm we can use safely?