Telstra Fined For 'Compromising' Privacy of Customers
By Pavithra Rathinavel | March 11, 2014 7:51 PM EST
Telstra has inadvertently published the personal data of nearly 16,000 customers compromising the privacy of its customers.
The personal data of customers were made available via Google search which took the user to the source material. Spreadsheets with personal data were indexed by Google and available for free on the Web. These were some of the compromised data - customers' names, business' names, phone numbers and addresses, as per ABC news.
As per Lifehacker, the breach came to light around May 2013, but the report is out only today.
A Fairfax journalist reported the Telstra customer data had been published. The journalist alerted the telco and informed the Office of the Australian Information Commissioner (OAIC). The OAIC launched a year long investigation into this case with the Australian Communications and Media Authority (ACMA), and the reports are out today.
As per the reports, the agency found Telstra made the information of nearly 16,000 customers available over a period of 15 months during 2012 and 2013.
In a report released on Tuesday, Australian Privacy Commissioner Timothy Pilgrim found the telco had breached privacy laws by releasing the information and failing to take reasonable steps to secure it. He also noted Telstra "acted appropriately in responding to the data breach."
Telstra had already been found guilty in the previous offense in 2011 involving more than 700,000 customers. It was hit with a fine of $10,200, notably a very small amount compared to the humugus damage caused. Based on reports, an external auditor will review at the end of June whether Telstra has fixed all the underlying problems, as claimed by Lifehacker.
"This incident is a timely reminder to all organisations that they should prioritize privacy" owing to the fact that there are too many data breaches happening across the world. Target Retail Stores' POS data breach debacle is another example, Pilgrim added.
Telstra said it has now fixed the problem and it agreed to take actions, including exiting the software platform on which the breach happened. It has vowed to come up with a clear policy for "central software management," and review contracts with "third parties" relating to customer data handling.
Points to be Noted
1) Telstra's data management had been outsourced to an unnamed third-party vendor.
2) Even though the data breach was exposed in February 2012, Google did not index it until June 2012. This meant Telstra had enough time to react and take necessary actions had they been more proactively monitoring its deployment, it might have avoided the data being indexed, as reported by Lifehacker.
To contact the editor, e-mail:
Most Popular Slideshows
- Taylor Swift Named Forbes' Second Highest Paid Country Musician [PHOTOS]
- Forever Lost: Indescribable Anguish for Malaysia Airlines MH17 Families, Remains of Some Victims May Never Be Found (PHOTOS)
- Global Aviation Accidents: UN to Form Safety Task Force, Gov'ts Should Share Intelligence Info to Avert Future Incidents on Flying Over Warzones (PHOTOS)
- Lunch with the Gods: Pope Francis Eats with Vatican Workers in Cafeteria
Join the Conversation
- Toyota Tops World Sales of Cars, Sells Over 5K Million Vehicles in First Half of 2014
- Man Swindles Apple for $309,768 in 16 States
- Texas Man Selling Condo With ‘Funniest and Most Revealing Ad’
- Air New Zealand Pays $1000 to NZ9 Passengers After Three-Night Delay
- Qatar's Surging Real Estate Prices Won't Affect Thriving Economy – Report
- Andy Roddick and Mardy Fish Can't Play in the U.S. Open Due to Drug Testing Issues
- Billy Bob Thornton Want to Play Hodor in Game Of Thrones
- Fukushima Radiation Tests on Waters Along U.S. Coast Yield Negative Results
- Zac Efron Equates Boozing to a Social Stimulant, Admits Why He Checked into Rehab Last Year
- Celebrities Who Stripped Naked for Women's Health