Security of critical phone database called into question

Federal officials fear that national security may have been jeopardized when the company building a sensitive phone-number database violated a federal requirement that only US citizens work on the project. The database is significant because it tracks nearly every phone number in North America, making it a key tool for law enforcement agencies seeking to monitor criminal or espionage targets. Now Telcordia, a Swedish-owned firm, is being compelled to rewrite the database computer code — a massive undertaking — to assuage concerns from officials at the FBI and Federal Communications Commission that foreign citizens had access to the project.

These officials fear that if other countries gain access to the code, they could reap a counterintelligence bonanza, learning the targets of US law enforcement and espionage investigations. The security rewrite began in March after the agencies learned that a Chinese citizen with a US work permit had helped write the system code, said individuals familiar with the matter who spoke on the condition of anonymity to discuss a sensitive matter. Seven other foreign citizens, including a British engineer, also worked on the project, although it was the Chinese engineer who raised red flags for officials. In a separate development, a former Telcordia employee in New Jersey alleged in a civil lawsuit made public recently that he was fired in retaliation for blowing the whistle on a foreign worker. Put together, these incidents raise a broader question about the security of a database that is perhaps the most important cog that most people have never heard of in the communications network.