back to article Man faces $52k bill after voicemail breach

A Winnipeg businessman has received a telephone bill for more than $52,000 (Canadian) after unknown miscreants breached his voicemail system and made hundreds of calls to Bulgaria. Alan Davison, told CBCNews he knew something was amiss when he saw a strange "feature 36" message repeatedly popping up on his phone. He evidently …


This topic is closed for new posts.
  1. Anonymous Coward

    Money back? It all depends

    SO this guy wants his money back because he set up a weak password for onward transfers with his DX, Hmm! let me think NO!

    Although if he bought the DX from the telecom vendor he gets service from he may have a case for inadequate security support.

    And anyway what would any self respecting telecom company monitor your usage for spikes, that's how they make all that obscene profit. As a shareholder in several of these companies I can say the more dumb people like this the happier I am.

  2. g00p
    Paris Hilton

    What I wanna know is.. the devil anyone can spend that bl00dy long on the phone!?!?!

  3. boltar Silver badge

    He was stupid using an easy password but...

    ... the company allowed it. Which means they allowed potential breaches of their security system and so they should cough up. $52K is nothing compared to the poor public relations and custom they'll lose if they force him to pay by dragging him through the courts.

  4. Jim

    Re: Money back?

    This guy doesn't want his money back, he wants MTS (long distance supplier) to cover SOME of the cost for not questioning the unusual traffic for 3 weeks.

    Strange that banks will decline a transaction on any grounds but a telecoms company can see a bill that normally ranges from $15-$500 per month jump to $2k a day and not bat an eyelid. If I were in that situation I may have an expectation that the service provider would have taken slightly less than 3 weeks to question the massive rise in costs.

    Then again, if my company also offered Cisco Unified Coms as a 'solution' then I may just have to console myself with slapping my forehead every 20secs or so.

  5. RichardB


    If someone broke into your house while you were on holiday and rang up a series of premium rate numbers leaving you with a massive bill - would you expect to have to pay it?

  6. Andrew


    Someone illegally used his telephone service to make calls. He may well have had poor security but that doesn't make it his fault or even ok to do something which amounts to stealing off him. If i leave my house unlocked , taking things from it is still stealing. I assume you wouln't complain if a locksmith open your house and took all your stuff, after all it's your fault for having lax security on your front door.

    Saying he has to pay this bill is the same as saying if you get your creidt card skimmed your liable for the purchases made on it. Yes someone illegally used your card, but bad luck shouldn't have been lax enough to let someone steal your details.

  7. Jolyon Ralph
    Thumb Down

    And that's why I use a PAYG phone

    having had a contract phone for the last 14 years or so, I couldn't be arsed with all this nonsense any more.

  8. Andy

    The ubiquitous...

    52,000 Canadian - that's about 20 quid right ?

  9. Anonymous Coward
    Anonymous Coward

    Re: Money back? It all depends

    "And anyway what would any self respecting telecom company monitor your usage for spikes, that's how they make all that obscene profit."

    They do monitor your usage. I'm a low usage business customer but have on occasion had large spikes in usage. On each occasion BT have contacted me to confirm that I am aware of the sudden high usage and that I should expect a large bill. On one occasion, because they could not contact me, they barred the phone from all but local calls until I contacted them to get the phone unbarred.

    Oh, and its nothing to do with missing a bill payment as my bill is paid in full every quarter by direct debit.

  10. Anonymous Coward

    who would monitor for spikes?

    "And anyway what would any self respecting telecom company monitor your usage for spikes"

    I used to work for a telecoms company that did.

    Its a really good idea to do so. Firstly if your customer disputes their bill it isnt going to be settled and paid until the dispute is resolved. Secondly if the dispute goes against the telecoms company they get screwed with the bill especially when international calls are concerned. The traffic might be "free" on their own network but there are interconnect charges to be paid once the call transfers off to someone elses.

    On teh other hand a sudden unseasonal drop in call volume can indicate a number of things including the posibility that they may be transfering to another provider without telling you or that they may be about to fold and go under. Both of these are really important to know if you want to get paid

    That said. The guy is a dick. Did he not think to question what option 36 was?

  11. Anonymous Coward

    Regulate the buggers

    Where else do you run up a bill without any way of finding out what it is or setting a limit like "if it goes over xxx let me know". I'd sign up in a flash for a "warn me when the cost of a call goes over 5 pounds" option but this seems to be a case were giving the customer what they want isn't of any interest to the telcos.

    Yes I got screwed once subletting a flat where the owners didn't have an international calling plan and we ended up paying $2/minute for calls for a couple of months until the owners bothered to forward a bill. One phonecall to switch the plan would have saved us a packet.

    I see no reason why regulators shouldn't oblige them to offer free options like "text me if my monthly bill goes above twice the average" and the like.

  12. John Colman


    I feel a bit sorry for this guy. Security issues aside, almost every telecomms billing system on the market has a "high spend" feature so it stands to reason that his provider would have known something was wrong. If they sold him this feature when he joined them, then he shouldn't have to pay...

  13. Kenny Millar

    I agree

    He shouldn't have to pay a penny.

    Even if he had no password at all, that doesn't make it OK to steal his service.

    If I leave my door open and someone burgles my house, that doesn't make it LEGAL to burgle my house does it? Theives will all rot in hell anyway.

  14. John Bayly

    He's being somewhat realistic

    "Davison says he shouldn't have to pay the whole amount": At least he's willing to pay some of the cost. Wonder who set the phone system up for him?

    @AC "Money back?"

    Credit card comapnies call you if there's out of the ordinary purchases being made, why not phone companies? In both cases you've got credit from a provider for services, and then pay a bill later.

  15. Daniel Garcia

    Plan A

    1 dont pay

    2 go to court

    3 ??????

    4 Profit

  16. Anonymous Coward

    unauthorised computer use

    case for the rozzers, trace the inbound calls and you have a lead..

  17. Dave P

    Reverse Charges

    I cases like this, if the recipient # is known, then reverse the billing (plus a service charge). That would tend to stop this type of hacking very quickly.

  18. Anonymous Coward
    Paris Hilton

    Even better, he sold VOIP solutions!

    The guy's company (from CBC News) was Hub Computer Solutions. One of the services they offer is VOIP solutions. They also offer "Security and Protection".

    Great advertising -- "Yeah, VOIP is great. We use it in our office. Of course, last month we ended up getting a 50 grand telephone bill because somebody hacked it. But otherwise, it saves us lots of money."

    Ya gotta wonder about some people. Paris because she knows all about getting her phone hacked...

  19. Chad H.

    @ Theft Comments

    Actually, if someone broke into your house you wouldnt expect the telecomms company to pick up the call charges.

    Thats why you have home insurance.

    I dont think that will cover this though.

  20. Anonymous Coward

    @John Bayly

    Credit card companies call you because they're liable for any fraudulent use (with the usual caveats) so it's in their best interests to ensure that transactions are legitimate.

    Telco's don't give a f**k if it's legit coz you're going to have to pay.

  21. Anonymous Coward


    Where they ordering more air-bags perhaps?

  22. Anonymous Coward

    Voicemail Exploits

    When I worked for a Telco this happened to one of their customers in London

    Calls that were hitting voicemail and then breaking out by dialing 9

    The first time it happened after 6pm Friday until Midnight Sunday the bill was £5500

    (All International calls)

    After the monthly bill arrived we were called in to investigate and BT started to monitor usage

    We found out the the voicemail was incorrectly programmed by the installing engineer

    So for the whole month they had OVER £22K of international calls.

    It's worth noting that the v/m was 8 ports and lines were ISDN 30 Channels

    I'm not sure if BT let them have a discount or anything but our engineer was fired

    and we think that he was the one who was exploiting the v/m and selling the info

    Well he was a tw@t anyway

    Can I have my coat please, it's cold in here!!

  23. Matthew
    Thumb Down


    Well I'm with Vodafone NZ, and I just put a $200 cap on my bill, so phone just stops any services that are chargeable (I.e. free minutes and texts still apply) when the bill reaches $200.

    Has saved me from some big bills sometimes :-)

    (due to our data being 10c/kb until recently this year)

    More regulation in this industry is needed.

  24. Anonymous Coward
    Anonymous Coward


    I work for a company that got hit by this, and it's not necessarily about the victim being at fault for having bad security. Most people, even IT savvy ones, cannot understand telecoms systems, so they rely on specialists to set them up. In our case, that meant not being told that the function was active or that it still had the manufacturer's default password set. It was not a function that had been asked for or one that was wanted.

    We found out after £15k had been run up in 48 hours. We were lucky in that as we're lawyers the telecoms company didn't argue too much about paying the bill, but not everyone has that clout.

  25. This post has been deleted by its author

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019