Vodafone investigates reported security breach - Polidicks

[img]http://delimiter.com.au/wp-content/uploads/2011/01/handonkeyboard.jpg[/img] Image credit: Jakub Krechowicz, royalty free Source: [url]http://delimiter.com.au/2011/01/09/vodafone-investigates-reported-security-breach/[/url] [release]Mobile telco VHA this afternoon said it was investigating an alleged breach of its security which has reportedly seen customers’ personal information — including details of who they called and when — made available to some individuals who have gained password access to its internal customer database for its Vodafone brand. The Sun-Herald reported this morning that each Vodafone store had a username and a password for access to the customer database — and that the login details may have been passed on to external sources. A journalist for the Sun-Herald, “sitting in a western Sydney business” with a laptop and someone who knew the login, was able to access all of her personal details on the system — including her name, address, driver’s licence number, date of birth, PIN number and her entire call and SMS list. A VHA spokesperson, however, denied the alleged breach meant customer details were “publicly available on the internet”, as the newspaper had reported. “Customer information is stored on Vodafone’s internal systems and accessed through a secure web portal, accessible to authorised employees and dealers via a secure login and password,” they said. “Any unauthorised access to the portal will be taken very seriously, and would constitute a breach of employment or dealer agreement and possibly a criminal offence.” The telco said it would be conducting a “thorough investigation of the matter” itself and would refer the issue to the Australian Federal Police if appropriate. In addition, the telco stipulated that it took customer information and data security extremely seriously and was concerned to hear about the alleged breach. “All passwords have been reset and a review is being undertaken of the training and process as an additional precaution,” the telco said. VHA’s director of customer service and experience, Cormac Hodgkinson, also posted a message on the company’s Vodafone blog, reassuring customers that their information wasn’t publicly available on the internet — and that it was actually available only via secure web portal. The alleged security problems — if true — are just the latest in a string of issues at VHA in relation to its Vodafone brand. Over the past few months the company has faced a tsunami of complaints from users about drop-outs and patchy network access, that has resulted in one local law firm preparing to sue in the telco, in a class action attack which has already attracted some 9,000 interested customers. The focus for the customer rage over the period has been Vodafail, a fledgling website set up by Sydneysider Adam Brimo to highlight his personal problems with Vodafone. Today, someone — presumably Brimo — posted an update on the site describing the alleged security problem as being “deeply concerning”. “We believe it warrants a serious and prompt investigation by the Australian Communication and Media Authority,” wrote Vodafail. “If you are concerned about the privacy of your personal information, we have set up a page detailing who you should contact to file a complaint. We aim to provide further updates on this situation as it develops. Vodafone has just emailed us stating that they have briefed all their staff on the situation and will be releasing more information.”[/release] Additional Source: [url]http://www.news.com.au/business/vodafone-mobile-records-leaked-onto-the-internet/story-e6frfm1i-1225984462550[/url] [release]* Vodafone customer details leaked on web * Full extent of privacy breach not known * Unbelievably slack security, says expert THE personal details of millions of Vodafone customers have been available on the web in what is described as an "unbelievable" lapse in security by the mobile phone giant. The details include names, home addresses, driver's licence numbers and credit card details. Fairfax newspapers say criminal groups have paid for the private details of some Vodafone customers to blackmail them. Other people have obtained logins to check their spouse's communications. The personal details, accessible from any computer because they are kept on an Internet site rather than Vodafone's internal system, include numbers dialled or texted, plus the time and location of calls or texts. The full extent of the privacy breach is unknown, but it is possible that thousands of people have logins that can be passed around and used to gain access to the accounts of about four million Vodafone clients. Michael Fraser, head of the Australian Communications Law Centre at the University of Technology Sydney, said it seems to be a major breach of the company's privacy obligations and "unbelievably slack security". "The fact you can look up anybody as easily as that seems to be a gross breach of privacy and resulting in an almost negligent exposure to criminal activity," said Professor Fraser, who is also head of the Australian Communication Consumer Action Network. A Vodafone spokesman said the company has ordered an immediate investigation and review of its security. Vodafone retailers say each store has a system username and password, and access is shared among staff and changed every three months.[/release] This is turning into a shitstorm for Vodafone, who as usual, are denying everything and doing nothing. Their response: [url]http://blog.vodafone.com.au/blog/news/vodafone-customer-data-security/[/url]

I'm with Vodafone.. cheapass iphone plans. :v:

Vodafone is cheap as shit and yet their service quality is terrible. Half the time my call gets dropped because of stupid maintenance bullshit that they do [b]ALL THE TIME[/b]. It's like bigpond but with phones.

[QUOTE=DireAvenger;27298000]Vodafone is cheap as shit and yet their service quality is terrible.[/QUOTE] Not to mention their Customer Service team. Spent two and a half hours on the phone with them, a majority of that on hold, and still didn't get a resolution

I don't believe the data actually leaked. People have been searching for it, and have yet to find a trace of it. Another Fairfax media "exclusive" on nothing but bullcrap.

[QUOTE=DireAvenger;27298000]Vodafone is cheap as shit and yet their service quality is terrible. Half the time my call gets dropped because of stupid maintenance bullshit that they do [b]ALL THE TIME[/b]. It's like bigpond but with phones.[/QUOTE] Lol that's the exact opposite in Ireland, Vodafone is dearest but best quality here.