Telstra apologises after customer records appear online

Spreadsheets containing phone numbers, names and home addresses were able to be accessed using Google search

Telstra has issued a formal apology to affected customers after phone numbers, names and home addresses contained in spreadsheets were found online during a Google search.

SMS Broadcast owner, Lee Gaywood, contacted the Sydney Morning Herald and said that he found the data when searching on Google for telco carrier access codes. According to Gaywood, he needs to know the codes for his SMS service to work.

Telstra took the files offline on 15 May after being notified of the breach by Fairfax, according to the SMH report.

A Telstra spokesman told Computerworld Australia that the company takes customers’ privacy “very seriously” and it was investigating the issue.

“We have since removed access to the data and early indications show is it is generally the same type of information you can find publically in the white pages, and we believe at this point it's more than six plus years old,” he said.

The spokesman added that that the Privacy Commissioner, Timothy Pilgrim, had been fully informed.

Telstra customer service executive director Peter Jamieson said in a blog posting that it was “not acceptable” for the incident to have occurred.

“I apologise and assure everybody that we’ll find out exactly what has happened here and do everything we can to make sure this does not happen again,” he said.

According to Jamieson, the telco was taking steps to identify affected customers and work with them on an individual basis.

“Additionally, we will be contacting all customers whose information was inadvertently made available.”

Telstra has been investigated by the Privacy Commissioner twice for data breaches in the past three years.

The first investigation took place on 28 October 2010 when Telstra told the Office of the Australian Information Commission (OAIC) that a mailing list error had resulted in approximately 220,000 letters with incorrect addresses being mailed out.

Telstra disclosed that this error may have caused the personal information including names and telephone details of some of its customers to be improperly disclosed.

Following his investigation into the matter, the Privacy Commissioner concluded that Telstra had breached National Privacy Principle (NPP) 2 by disclosing the personal information of some of its customers to unauthorised third parties.

On 12 December 2011, Pilgrim was on the case again after Telstra’s customer service website was openly accessible on the Internet.

The telecommunications company said it was made aware of the privacy breach and disabled its online billing, BigPond self-care and My Account functions on its website.

Account details including account numbers, phone numbers and credit card details of just fewer than one million Telstra customers were potentially compromised by the breach.

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments

Latest Videos

More Videos

Great piece Katja. It will be fascinating to see how the shift in people's perception of value will affect design, products and services ...

Paul Scott

How to design for a speculative future - Customer Design - CMO Australia

Read more

Google collects as much data as it can about you. It would be foolish to believe Google cares about your privacy. I did cut off Google fr...

Phil Davis

ACCC launches fresh legal challenge against Google's consumer data practices for advertising

Read more

“This new logo has been noticed and it replaces a logo no one really knew existed so I’d say it’s abided by the ‘rule’ of brand equity - ...

Lawrence

Brand Australia misses the mark

Read more

IMHO a logo that needs to be explained really doesn't achieve it's purpose.I admit coming to the debate a little late, but has anyone els...

JV_at_lAttitude_in_Cairns

Brand Australia misses the mark

Read more

Hi everyone! Hope you are doing well. I just came across your website and I have to say that your work is really appreciative. Your conte...

Rochie Grey

Will 3D printing be good for retail?

Read more

Blog Posts

How to design for a speculative future

For a while now, I have been following a fabulous design strategy and research colleague, Tatiana Toutikian, a speculative designer. This is someone specialising in calling out near future phenomena, what the various aspects of our future will be, and how the design we create will support it.

Katja Forbes

Managing director of Designit, Australia and New Zealand

The obvious reason Covidsafe failed to get majority takeup

Online identity is a hot topic as more consumers are waking up to how their data is being used. So what does the marketing industry need to do to avoid a complete loss of public trust, in instances such as the COVID-19 tracing app?

Dan Richardson

Head of data, Verizon Media

Brand or product placement?

CMOs are looking to ensure investment decisions in marketing initiatives are good value for money. Yet they are frustrated in understanding the value of product placements within this mix for a very simple reason: Product placements are broadly defined and as a result, mean very different things to different people.

Michael Neale and Dr David Corkindale

University of Adelaide Business School and University of South Australia

Sign in