Adrian Lamo has done it again. After digging through some trash (I guess he was bored?) and coming up with some pertinent customer information and an "unpublished" URL he was able to access customer information of Cingular users.

The URL was not password protected. It seems that an assumption was made that because the URL was unpublished that only people who were given the address would go to it or have a reason to view it so it didn't need security.

The documents found in the trash should have been shredded as well to prevent something like this from happening.

Here is the article: Wired.com Article