LARGO, Fla.—VICI Marketing LLC may have exposed more than 375,000 recorded telephone conversations, with at least 17,000 of them containing customers’ personal data, according to a new report.
Researchers from the MacKeeper Security Research Center said they made the discovery during a routine security audit of the Florida-based telemarketing company. MacKeeper said thousands of audio recordings where compromised in which customers gave their names, addresses, phone number, credit card numbers, CV numbers and more.
In 2009 VICI Marketing LLC agreed to pay $350,000 to settle a complaint by the Florida Attorney General's Office that the firm obtained stolen consumer information and did not take proper steps to ensure data was acquired legitimately, MacKeeper noted.
“Researchers have confirmed that despite the fine and penalties they have still not secured customer or company data and there is a date range of recordings going back several years. Under the agreement: If the terms of the injunction are violated, Vici could be subject to a $1 million civil penalty,” MacKeeper reported.
There is enough information in each call to provide cyber criminals with all they need to steal the credit card information or commit a wide range of crimes, MacKeeper stated.
“Some of the recordings do not warn customers that the calls are being recorded or stored. Eleven states require the consent of every party to a phone call or conversation in order to make the recording lawful. These "two-party consent" laws have been adopted in California, Connecticut, Florida, Illinois, Maryland, Massachusetts, Montana, New Hampshire, Pennsylvania and Washington,” MacKeeper said.