Pay Tel Security Lapse Exposes Over 300,000 Callers' Driver's Licenses
A significant security lapse at Pay Tel, a prison calling service, has resulted in the exposure of over 300,000 driver's licenses and other sensitive information. According to cybersecurity firm UpGuard, a Microsoft Azure-hosted storage server managed by Pay Tel was found to be publicly accessible without a password, allowing anyone on the internet to access the data. The exposed information includes scans of driver's licenses and other government-issued identity documents required for users to sign up for Pay Tel's services. Additionally, inmate communications such as text messages, handwritten notes, and financial records were also compromised. This incident marks the second known security breach for Pay Tel in recent years, following a ransomware attack in June 2025. Despite being alerted to the issue on May 7, Pay Tel has not publicly acknowledged the breach or indicated whether it will notify affected individuals or comply with U.S. state data breach notification laws. 
