Telstra apologises after customer records appear online

Spreadsheets containing phone numbers, names and home addresses were able to be accessed using Google search

Telstra has issued a formal apology to affected customers after phone numbers, names and home addresses contained in spreadsheets were found online during a Google search.

SMS Broadcast owner, Lee Gaywood, contacted the Sydney Morning Herald and said that he found the data when searching on Google for telco carrier access codes. According to Gaywood, he needs to know the codes for his SMS service to work.

Telstra took the files offline on 15 May after being notified of the breach by Fairfax, according to the SMH report.

A Telstra spokesman told Computerworld Australia that the company takes customers’ privacy “very seriously” and it was investigating the issue.

“We have since removed access to the data and early indications show is it is generally the same type of information you can find publically in the white pages, and we believe at this point it's more than six plus years old,” he said.

The spokesman added that that the Privacy Commissioner, Timothy Pilgrim, had been fully informed.

Telstra customer service executive director Peter Jamieson said in a blog posting that it was “not acceptable” for the incident to have occurred.

“I apologise and assure everybody that we’ll find out exactly what has happened here and do everything we can to make sure this does not happen again,” he said.

According to Jamieson, the telco was taking steps to identify affected customers and work with them on an individual basis.

“Additionally, we will be contacting all customers whose information was inadvertently made available.”

Telstra has been investigated by the Privacy Commissioner twice for data breaches in the past three years.

The first investigation took place on 28 October 2010 when Telstra told the Office of the Australian Information Commission (OAIC) that a mailing list error had resulted in approximately 220,000 letters with incorrect addresses being mailed out.

Telstra disclosed that this error may have caused the personal information including names and telephone details of some of its customers to be improperly disclosed.

Following his investigation into the matter, the Privacy Commissioner concluded that Telstra had breached National Privacy Principle (NPP) 2 by disclosing the personal information of some of its customers to unauthorised third parties.

On 12 December 2011, Pilgrim was on the case again after Telstra’s customer service website was openly accessible on the Internet.

The telecommunications company said it was made aware of the privacy breach and disabled its online billing, BigPond self-care and My Account functions on its website.

Account details including account numbers, phone numbers and credit card details of just fewer than one million Telstra customers were potentially compromised by the breach.

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments

Blog Posts

5 cornerstones of a strong digital culture

Creating a strong company culture may sound like a daunting task, but it’s actually pretty straightforward. In fact, company culture is created in exactly the same fashion as a religion or democracy. Behaviours created from the organisation’s inception are reinforced over time by leadership, attracting like-minded people and eventually reaching critical mass to become an accepted ‘truth’.

Anthony Stevens

Founder and CEO, Digital Asset Ventures

Should you rebuild your company’s tech stack in blockchain?

The question I get asked most regularly these days is: ‘Do I need to rebuild my company’s systems on Blockchain?’ And the answer, every time, is ‘No, you’re asking the wrong question’.

Michelle O'Keeffe

CEO, Engaging.io

Customer value proposition: Getting the brand promise to your customers right

Throughout my career, I have witnessed a litany of brand names that profess to have a unique customer value proposition (CVP). In reality, however, they’ve had little more than a ‘value proposition’: A simple list of benefits applied to a general audience.

Ric Navarro

Global director of marketing and communications, Norman, Disney & Young

Hi there! Thanks for this interesting article! I love to read about new technology and software that makes our lives easier. I'm looking ...

Julia Summer

Wartsila overhauls Web platforms to create ‘seamless’ brand experience across all devices

Read more

RE: Sales and marketing SLAs, often the choke point isn't the teams but them getting the data into the tools they want to use with the da...

Ed Fry

Why sales and marketing alignment is more important than ever

Read more

Thank you for the good and very helpful information. It is very interesting. I love all the things you share and see your beautiful creat...

รัตนาวดี ภูมิวรรณ

Former eHarmony marketing chief joins telco startup

Read more

Colin Kaepernick, not Mike Kapernick.

thisisw

Zenith's innovation leader: Mid-digital age not benefitting media, brands or consumers

Read more

AGA KHAN HOSPITAL is in need of kidney donors for the sum of 2 crore, Contact us today if you want to sell your kidney for money, and thi...

Sebastian Friedrich

Mindshare gets behind blockchain advertising alliance

Read more

Latest Podcast

More podcasts

Sign in