Recommend Print

Legal matters

Vodafone slammed by Privacy Commissioner

By Ryan Jon Dunn
Thursday, 17 February 2011

Vodafone failed to properly protect individuals’ data in its recent customer privacy debacle, the Privacy Commissioner has ruled.

 

In January a lost password is believed to have allowed online access to thousands of Vodafone customers’ private details, including credit card and call records.

 

The Privacy Commissioner decided Vodafone was negligent with its customer database, but pointed out that the security breach wasn’t as serious as initially reported.

 

It was first believed that log-in details and passwords were available via Vodafone’s website.

 

"We found that the claims that customer information was available on the web weren't substantiated," Privacy Commissioner Timothy Pilgrim said in a statement.

 

"(We) can find no evidence that this information was available on the internet or Vodafone's website."

 

Siebel, the customer management system used by Vodafone, has functions that can detect strange usage patterns of the system.

 

It found that employees were sharing log-ins, which made features designed to detect misuse redundant.

 

“I was particularly concerned by Vodafone’s use of shared log-ins and passwords for staff and the broad range of detailed personal information available to them,” Pilgrim says.

 

Vodafone responded in a statement saying: “Any unauthorized access to the portal will be taken very seriously and would constitute a breach of employment or dealer agreement and possibly a criminal offence.”

 

Days after the initial allegations Vodafone fired an unspecified number of NSW employees who were believed to have caused the potential leaking of details.

 

Vodafone has promised to review its training and IT systems as well as resetting all passwords across its databases. Pilgrim was satisfied with changes being made by the telco.

 

"I would have to say that I did welcome the fact that Vodafone did deal with this promptly," he says.

 

Pilgrim took the opportunity to hammer home the importance of online systems security to other businesses.

 

“All businesses must take their customers’ privacy seriously,” he said.

 

“Systems should be up-to-date and secure, and staff should only have access to the information necessary for their work.”

 

The findings come at an interesting time for Vodafone.

 

As well the privacy breaches and customer backlash over poor phone reception, Roy Morgan has released figures revealing that Vodafone is now rated second last (only in front of Dodo) as the worst internet service provider in terms of customer satisfaction.

Comments (0)

Subscribe to this comment's feed

Write comment

You must be logged in to post a comment. Please register if you do not have an account yet.

busy

FREE DOWNLOAD - 101 tips for start-up entrepreneurs

Covering everything from starting up to sales to social media strategies, this advice forms a fantastic guide that will be of use to anyone starting up in business.


Register for the StartupSmart Newsletter and immediately receive '101 tips for start-up entrepreneurs'.


Your email please (*)

Invalid Input
101 tips for start-up entrepreneurs

Free Newsletter


Invalid Input
Join the StartupSmart community

Follow us

StartupSmart on Twitter StartupSmart on Facebook StartupSmart on LinkedIn

Subscribe to StartupSmart RSS feeds

Events


Sponsored Links

Our Partners