Pay Tel data breach has exposed sensitive personal information, including hundreds of thousands of driver’s licenses. The Pay Tel data breach occurred when a cloud server, storing identity documents and photos, was left unprotected on the internet. Customers of the prison calling service were required to upload identification documents and profile photos. Consequently, these files were accessible online due to the lack of password protection.

Pay Tel data breach

Security researchers with UpGuard discovered the Pay Tel data breach. They reported the exposed server, which stored at least 300,000 government-issued identity documents. Furthermore, the breach also included inmate communications, text messages, handwritten notes, and even financial records. Many photos revealed precise locations, sometimes even a user’s home address.

Pay Tel received an alert about the exposure from UpGuard on May 7. However, days passed before the company secured the server. The company has not acknowledged the incident publicly. It is still unclear if affected individuals will be notified by Pay Tel or if authorities will be informed according to state data breach laws.

Additionally, this is the second security lapse at Pay Tel in as many years. Previously, a ransomware attack targeted the company in June 2025. As reported by TechCrunch, many companies, including Pay Tel, continue to misconfigure systems and leave private data exposed. The recurring nature of these incidents suggests a concerning pattern in data security practices.

Tags: Pay Tel data breach, Pay Tel security incident, exposed driver’s licenses, prison calling service breach, cloud data exposure, identity theft risk, UpGuard security report, personal information leak