Telstra Fined For 'Compromising' Privacy of Customers
By Pavithra Rathinavel | March 11, 2014 7:51 PM EST
Telstra has inadvertently published the personal data of nearly 16,000 customers compromising the privacy of its customers.
The personal data of customers were made available via Google search which took the user to the source material. Spreadsheets with personal data were indexed by Google and available for free on the Web. These were some of the compromised data - customers' names, business' names, phone numbers and addresses, as per ABC news.
As per Lifehacker, the breach came to light around May 2013, but the report is out only today.
A Fairfax journalist reported the Telstra customer data had been published. The journalist alerted the telco and informed the Office of the Australian Information Commissioner (OAIC). The OAIC launched a year long investigation into this case with the Australian Communications and Media Authority (ACMA), and the reports are out today.
As per the reports, the agency found Telstra made the information of nearly 16,000 customers available over a period of 15 months during 2012 and 2013.
In a report released on Tuesday, Australian Privacy Commissioner Timothy Pilgrim found the telco had breached privacy laws by releasing the information and failing to take reasonable steps to secure it. He also noted Telstra "acted appropriately in responding to the data breach."
Telstra had already been found guilty in the previous offense in 2011 involving more than 700,000 customers. It was hit with a fine of $10,200, notably a very small amount compared to the humugus damage caused. Based on reports, an external auditor will review at the end of June whether Telstra has fixed all the underlying problems, as claimed by Lifehacker.
"This incident is a timely reminder to all organisations that they should prioritize privacy" owing to the fact that there are too many data breaches happening across the world. Target Retail Stores' POS data breach debacle is another example, Pilgrim added.
Telstra said it has now fixed the problem and it agreed to take actions, including exiting the software platform on which the breach happened. It has vowed to come up with a clear policy for "central software management," and review contracts with "third parties" relating to customer data handling.
Points to be Noted
1) Telstra's data management had been outsourced to an unnamed third-party vendor.
2) Even though the data breach was exposed in February 2012, Google did not index it until June 2012. This meant Telstra had enough time to react and take necessary actions had they been more proactively monitoring its deployment, it might have avoided the data being indexed, as reported by Lifehacker.
To contact the editor, e-mail:
Most Popular Slideshows
- Still The World Champions: Team USA Overpowers Serbia, 129-92 To Win 2014 FIBA World Cup [PHOTOS]
- After Win Over Maidana, Mayweather Says He Is Prepared To Negotiate A Fight With Pacquiao
- From Fat To Fit: Celebrities Who Were Overweight Before They Became The Beauties That They Are
- Kendall Jenner Could Be Next Victoria's Secret Angel [PHOTOS]
Join the Conversation
- iOS 8 Release Date Of Sept 17 Has Arrived: Update Begins At 10AM Pacific Time, Upgrade Your iDevices With iOS 7.1.2 First To Install iOS 8
- Pregnant Kate Middleton May Call Off Malta Trip Due To Sickness: Royal Couple Will Move To Anmer Hall Residence
- Why Samsung Galaxy S5 Is Not The Best Smartphone To Purchase Now? If You Still Want To, Wait For A Month To Get It Cheap
- Apple iPad Air 2, iPad Mini 3 October Release Date Roundup: Freshly Leaked Protective Case Debuts Unique Vent Alongside Camera
- Ukraine Crisis: Poland Denies Supplying Weapons To Kiev
- Google Nexus 8 Release Date Countdown Begins Oct 8: 8 Killer Specs and Features to Expect
- Canadian IS Jihadist Who Wants to ‘Play Soccer’ with Heads of US Decapitated Soldiers