More Than One Telco Appears to risk private Information disclosure

In August we wrote a Blog Getting more than you bargained for in this article we talked about an experience of purchasing an SIM card for an iPad with one of Australia’s largest Telco’s. At the time we raised concern about the lack of security in the process and the way in which store staff were able to access the private information from the Telco’s billing database using basic passwords from an unsecured windows machine across the internet.

It appears that this major telco is not the only one that is using this method of accessing customer records. Last week there were many articles published in Australian news papers about a potential security breach at Vodafone.

Articles can be found here:

Dealer, employee likely behind vodafone Leak.
Vodafone maybe liable on privacy breach.

Whilst I’m concerned about staff and former staff passing their credentials to access the confidential private records what is of more concern is the potential for a compromised Windows workstation at the retail store to give a hacker access to many more credentials and to access the online database’s without even being detected.

Perhaps another class action will bring this issue to the Telco’s attention.

Posted by Stewart on 10 Jan 2011 | 0 comments
Tagged with Blog, Opinion

Comments

Post new comment

Your name: *

E-mail: *

The content of this field is kept private and will not be shown publicly.

Homepage:

Comment: *

• Node images can be embedded in this post. Format: [image:ID:TYPE:ALIGN:CAPTION]
  TYPE: thumb display logo
  ALIGN: left right center none
  CAPTION: <insert new> desc (image description) none
  Examples: [image:8:thumb:right:none] [image:12:display:none:Sunset]
• You can use Textile markup to format text.
• Adds typographic refinements.

More information about formatting options

4

What code is in the image?: *

Enter the characters shown in the image.