Alinta Energy accused of customer data protection failure

Energy giant may not have sufficiently protected the personal information of its 1 million customers according to leaked documents revealed in join media investigation

protecting_data-100683751-orig.jpg
protecting_data-100683751-orig.jpg

Alinta Energy stands accused of potentially exposing the sensitive information of its 1.1 million customers because it lacks sufficient privacy protection systems. 

A joint investigation between the ABC’s current affairs show 7.30 and The Sydney Morning Herald and The Age has revealed leaked documents appearing to indicate the energy giant has not had appropriate compliance and privacy monitoring systems in place to safeguard personal information.

As a business with a retail customer base, Alinta holds a swathe of personal details on customers including names, addresses, birth dates, mobile phone numbers and financial details. Leaked documents obtained by the ABC and the two newspapers appear to show Alinta has not adequately protected this sensitive information.

The Chinese-owned energy giant's written responses to 7.30 questions were also shared with CMO and state that at the beginning of 2019, Alinta initiated an audit by an independent third-party to examine its approach to managing privacy across the organisation.

"The audit report confirmed a number of positive aspects of our approach alongside a number of opportunities to improve. Some elements, including the need for a privacy management framework, privacy officer, encryption standards and data strategy were highlighted and have been progressed," Alinta said in the statement

Alinta revealed in the statement it had one reportable data breach incident in January 2020 concerning a single individual and has met its compliance obligations in addressing the issue. "The OAIC was satisfied with the process and remediation and the matter has been closed," the statement read.

The sale of Alinta Energy, which took place in 2017, was approved by the Foreign Investment Review Board (FIRB), although it found the company's compliance and privacy monitoring systems appeared to be inadequate.

In its statement, Alinta confirmed the FIRB has approved a remediation plan and it is on track to complete the activities within the agreed timeframe.

"Alinta Energy is treated as being in compliance with the conditions imposed by FIRB, while it continues to implement remedial activities endorsed by FIRB. Remedial activities will be completed by Dec 2020, the statement said.

Alinta Energy said it undertakes annual reviews using a third party-auditor to evaluate its security and identify any areas of risk, and any significant risks which are identified are tracked through to conclusion.

"In addition, when there are any significant changes to customer facing systems we undertake web penetration testing and all significant findings are addressed prior to release to production. Alinta Energy has in place an ongoing program of investment focussed on improving our cybersecurity capabilities."

The Office of the Australian Information Commissioner, as well as the energy regulator, the Essential Services Commission are inquiring into Alinta’s processes following the story revealing it may not have adequately protected the personal information of its 1.1 million gas and electricity customers.

Follow CMO on Twitter: @CMOAustralia, take part in the CMO conversation on LinkedIn: CMO ANZ, follow our regular updates via CMO Australia's Linkedin company page, or join us on Facebook: https://www.facebook.com/CMOAustralia.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments

Latest Videos

More Videos

Modernization on marketing to promote products and business is really a big leap especially the age of social media. Thanks for sharing s...

Brayden Manchee

How National Tiles used digital personalisation to deliver 15 per cent of revenue online

Read more

Great write-up. I wrote an article about ASMR as well and the top ASMRtists:https://medium.com/illumina...

Dexx Mason

ASMR: Flash in the marketing pan, or something more?

Read more

Nice to be visiting your blog once more, it has been months for me. best mp3 converter

Yolanda R. Skillman

Melbourne Fashion Week: Using digital and insight to drive engagement and attendance

Read more

Typically I visit your web journals and get refreshed through the data you incorporate yet the present blog would be the most obvious bes...

Yolanda R. Skillman

What automated design is going to do to 3D printing and product customisation

Read more

I am overpowered by your post with such a decent theme. best mp3 converter

Yolanda R. Skillman

Report: Accountability key to marketing's influence in business

Read more

Blog Posts

Taking back control of your tech

To win in customer experience, brands need to take back control of their technology.

Michael Titshall

VP, managing director, R/GA Australia

Brands with internal customer insights capability will survive and even thrive

According to The Australian Bureau of Statistics, two-thirds of Australian businesses across all sectors have reported taking a hit to revenue or cash flow due to COVID-19. About one in 10 said they have paused trading altogether. In 70 per cent of cases, this was due to COVID-19.

Pip Stocks

CEO of BrandHook and founder of Hearsay

Before corona (BC) and after corona (AC)

Our corporate structures are long hardwired into our psyche and state of mind. Are years and years of engrained behaviour versus a few weeks of ‘new’ during COVID-19 really going to make that much impact?

Fiona Johnston

CEO, UM Australia

Sign in