Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT tid,hits,start_time FROM biztimes_stats.stats_articles_au WHERE tid='542767' Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT cmt_count FROM ib_articles_counts WHERE id='542767' Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT * FROM ib_sources WHERE id='3001' Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT * FROM ib_articles_options WHERE article_id='542767' Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT article_id FROM ib_topics_index WHERE tid='506' ORDER BY id DESC LIMIT 10Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT article_id FROM ib_topics_index WHERE tid='394' ORDER BY id DESC LIMIT 10Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT * FROM ib_rates WHERE article_id='542767' LIMIT 1 Telstra Fined For 'Compromising' Privacy of Customers - International Business Times

Telstra Fined For 'Compromising' Privacy of Customers

  • Rate this Story
  • 0
  • 0

By Pavithra Rathinavel | March 11, 2014 7:51 PM EST

Telstra has inadvertently published the personal data of nearly 16,000 customers compromising the privacy of its customers.

The personal data of customers were made available via Google search which took the user to the source material. Spreadsheets with personal data were indexed by Google and available for free on the Web. These were some of the compromised data - customers' names, business' names, phone numbers and addresses, as per ABC news

ceoworld
telstra logo

As per Lifehacker, the breach came to light around May 2013, but the report is out only today.

A Fairfax journalist reported the Telstra customer data had been published. The journalist alerted the telco and informed the Office of the Australian Information Commissioner (OAIC). The OAIC launched a year long investigation into this case with the Australian Communications and Media Authority (ACMA), and the reports are out today.

As per the reports, the agency found Telstra made the information of nearly 16,000 customers available over a period of 15 months during 2012 and 2013.

In a report released on Tuesday, Australian Privacy Commissioner Timothy Pilgrim found the telco had breached privacy laws by releasing the information and failing to take reasonable steps to secure it. He also noted Telstra "acted appropriately in responding to the data breach."

Telstra had already been found guilty in the previous offense in 2011 involving more than 700,000 customers. It was hit with a fine of $10,200, notably a very small amount compared to the humugus damage caused. Based on reports, an external auditor will review at the end of June whether Telstra has fixed all the underlying problems, as claimed by Lifehacker.

"This incident is a timely reminder to all organisations that they should prioritize privacy" owing to the fact that there are too many data breaches happening across the world. Target Retail Stores' POS data breach debacle is another example, Pilgrim added.

Telstra said it has now fixed the problem and it agreed to take actions, including exiting the software platform on which the breach happened. It has vowed to come up with a clear policy for "central software management," and review contracts with "third parties" relating to customer data handling.

Points to be Noted

1) Telstra's data management had been outsourced to an unnamed third-party vendor. 

2) Even though the data breach was exposed in February 2012, Google did not index it until June 2012. This meant Telstra had enough time to react and take necessary actions had they been more proactively monitoring its deployment, it might have avoided the data being indexed, as reported by Lifehacker

To contact the editor, e-mail:

(Photo: ceoworld / )
telstra logo
Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT id FROM ib_slideshows WHERE timestamp>1413956999 AND hits>0 AND outkey='Y' ORDER BY hits DESC LIMIT 10Host 'subweb.ibtimes.com' is not allowed to connect to this MySQL serverSELECT id FROM ib_slideshows WHERE timestamp<1413956999 AND timestamp>1413697799 AND hits>0 AND outkey='Y' ORDER BY hits DESC LIMIT 10
  • Rate this Story
  • 0
  • 0

Join the Conversation

IBTimes TV
E-Newsletters

We value your privacy. Your email address will not be shared.