AAP General News (Australia)
01-09-2011
FED:Vodafone investigating alleged breach
MELBOURNE, Jan 9 AAP - Vodafone is investigating an alleged security breach but denies
customers' personal details are publicly available on the internet.
The mobile phone company has reset all passwords for its web portal, used by employees
and dealers.
Details including names, home addresses, driver's licence numbers and credit card details
have been available on the web in what has been described as an "unbelievable" lapse in
security, Fairfax newspapers reported.
The report said criminal groups have paid for the private details of some Vodafone
customers to blackmail them and other people have obtained logins to check their spouse's
communications.
It said the full extent of the privacy breach is unknown, but it is possible that thousands
of people have logins that can be passed around and used to gain access to the accounts
of about four million Vodafone clients.
A Vodafone spokesman said the company was concerned to hear of the alleged breach.
"Vodafone's customer details are not `publicly available on the internet'," he said
in a statement on Sunday.
"Customer information is stored on Vodafone's internal systems and accessed through
a secure web portal, accessible to authorised employees and dealers via a secure login
and password.
"Any unauthorised access to the portal will be taken very seriously, and would constitute
a breach of employment or dealer agreement and possibly a criminal offence."
The company would investigate the allegations and refer the matter to the Australian
Federal Police if appropriate, the statement said.
The spokesman added that all passwords had been reset and a review is being undertaken
of the training and systems procedures.
Michael Fraser, head of the Australian Communications Law Centre at the University
of Technology, Sydney, told Fairfax it seemed to be a major breach of the company's privacy
obligations and "unbelievably slack security".
AAP mn/vg
KEYWORD: VODAFONE UPDATE
� 2011 AAP Information Services Pty Limited (AAP) or its Licensors.
Комментариев нет:
Отправить комментарий