Although the federal government and local law enforcement agencies nationwide use private data brokers, the FBI said that practices used by these companies to gather private phone records without warrants or subpoenas is illegal, according to an Associated Press article on Chron.com.A senior FBI lawyer, Elaine N. Lammert, told lawmakers the bureau was still surveying agents around the United States, but so far has found no “systemic” use of data brokers by the FBI.The AP reports that Lammert, the bureau’s deputy general counsel for its investigative law branch, told a congressional panel: “There are compelling reasons for the government to believe that these operations violate federal law.”Lawmakers agreed. According to Rep. Joe Barton, R-Texas, head of the House Energy and Commerce Committee, they “compromise sensitive law enforcement information, compromise operational security or maybe just violate the Constitution.” The article reports that internal corporate documents turned over to Congress by some data brokers include e-mails in which workers described efforts to impersonate targets of investigations to trick telephone carriers into revealing private calling records.The AP reported Tuesday that numerous federal and local law enforcement agencies have bypassed subpoenas and warrants designed to protect civil liberties and gathered phone records from data brokers, who nearly always turned over the information for free. Compiled by Paul KersteinKeep checking in at our Security Feed page, or subscribe via RSS, for updated news coverage. Related content brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security news Gitlab fixes bug that exploited internal policies to trigger hostile pipelines It was possible for an attacker to run pipelines as an arbitrary user via scheduled security scan policies. By Shweta Sharma Sep 21, 2023 3 mins Vulnerabilities Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe