A company that specializes in helping companies avoid being sued for allegedly violating the Telephone Consumer Protection Act has been leaking the phone numbers, email addresses, and passwords of its customers and the contact information for individuals who have hired lawyers to sue for TCPA violations, according to a published report.
The Blacklist Alliance, which calls itself a TCPA litigation “firewall” acknowledged the incident and has resolved it, according to another published report. The chief executive of the company is working with a privacy and data breach specialist to make sure it is complying with all relevant laws and regulations.
A web server was not encrypted and was available for anyone on the Internet to access. Individuals could have accessed the server and browsed it for information, which included API keys for all of the company’s clients.
The Blacklist Alliance purports on its website to protect companies from professional plaintiffs, class action attorneys, and regulatory enforcement. The company’s technology promises to scrub the names of professional plaintiffs from an outbound calling campaign or suppress them when the call is an inbound one. Customers also have access to compliance training, litigation alerts, and prepaid attorney services.
Most of the data that was accidentally made available was collected this year, according to screenshots and timestamps that were analyzed by one of the media outlets that reported the incident.
“We intend to examine every avenue, including third-party service providers with whom we work and pursue any legal action available to us,” said Seth Heyman, CEO of The Blacklist Alliance, in a published report.