Australian mobile operator Telstra is in hot water after a list of details belonging to its users was found on the Internet, according to a report by the Sydney Morning Herald.
The database, which was freely available online, contained a range of information, including account numbers, details of broadband plans and other Telstra services signed up to and notes relating to the accounts, which includes the usernames and passwords of some customers. Information relating to technical support visits, messages sent to customer mobile numbers and credit check data was also included.
The company has subsequently removed the data from the Web, where it was visible to anyone, and resolved to investigate how it was made available:
Telstra takes its customers’ right to privacy very seriously and is taking immediate action to resolve this issue. We will investigate and keep our customers fully informed.
While a later comment included an apology:
We apologise to customers who may have been impacted by this issue. Telstra takes its customers privacy seriously. The site has been disabled and a full investigation is underway. Telstra will brief the Privacy Commissioner.
It is as yet unclear how many accounts’ details were made available, or who the database was accessed by, but the issue is certain to upset customers whose personal details were freely available online.
This is not the first time that the company has let customer details slip by mistake. In October, a database mix up saw it send 220,000 letters containing account information to other customers’ addresses across the country.