Telstra breaches privacy of nearly 16,000 customers
Published on: 11th Mar 2014
Note -- this news article is more than a year old.
Australia's Telstra has been found to have breached the privacy of nearly 16,000 of its customers following a website flaw that left their details available to see found on the internet.
Between February 2012 and May 2013, the information of 15,775 Telstra customers from 2009 and earlier was accessible on the internet. This included the information of 1,257 active silent line customers.
"This incident is a timely reminder to all organisations that they should prioritise privacy. All entities bound by the Privacy Act must have in place security measures to protect personal information," said Privacy Commissioner Timothy Pilgrim.
Following the breach, Telstra agreed to undertake a number of actions, including exiting the software platform on which the incident occurred, establishing a clear policy for central software management, and reviewing contracts with third parties relating to personal information-handling.
"The ACMA welcomes Telstra's agreement to the Privacy Commissioner's recommendations," said ACMA Chairman Chris Chapman. "Telco providers are in a position of trust with respect to their customers' details and with it comes a weighty responsibility -- a fact reflected in the outcomes mandated by the TCP Code."
Telstra has also paid an infringement notice for $10,200 in relation to Telstra's contravention of the ACMA's earlier direction to comply -- which is the amount provided for in the relevant telecommunications legislation.