Register now, it’s free to

  • Receive our enewsletter, read a recent issue
  • Enter competitions
  • Join our meeting place

Featured offers


Font size: A+ A-
Technology > Technology News > Telstra bungle exposes private information of 60,000 customers

Telstra bungle exposes private information of 60,000 customers

13th Dec 2011
Drew Patchell

The usernames, passwords, home addresses and full names of 60,000 Telstra bundle customers have been available online for anyone with the correct link to download, due to Telstra hosting sensitive data on a private database with no security protocols. While ex-employees of Telstra may have known the link, it was made public on Friday when a user of popular Australian community forum Whirlpool googled his own phone number and stumbled upon the database which seems to have recently been ‘indexed’ and put onto the map by Google.

Even more troubling is the fact that the same server hosted forms which could have allowed users to administer BigPond email addresses, including transferring them between accounts.

The ‘Telstra bundles request search’ tool was taken down one hour after the security breach hit the mainstream media websites on Friday and BigPond services remained blocked for most users for 24 hours. When access returned for BigPond customers, Bundle plan users’ passwords had been reset.

It beggers belief, but Telstra users were not notified and wouldn’t have known about the problem unless they contacted the help desk or found out about it through media outlets.

Vodafone was hit with a similar privacy breach earlier in the year when it was revealed Vodafone employees were using the same username and password to access customer information online, which meant there was little to no tracking processes in place to prevent misuse of the system.

Will you be considering a change of provider after such a privacy breach?





bevharro
13th Dec 2011
5:50pm
Absolutely unbelievable. I could not access my emails, said I had a problem. So I reset my modem, nothing changed. I was about to phone Telstra about this problem when I noticed on the Big Pond News website a comment made by a user about the site being taken down. There was NOTHING on the Big Pond site at all about this. Yesterday I noticed on the home page they had in bright red about there being a problem. Why did they not do this when the system was taken down. It would have saved them thousands of phone calls just for starters, apart from doing the right thing by their customers. A very sad state of affairs. I am about to change my password to access big pond account services right now.
rogerh
13th Dec 2011
11:12pm
It was no big deal to me. I don't use BigPond email. My email boxes and those of my family are on our own domain name and hosted by a site in the USA. I routinely change my passwords on all sites I log into for either my ISP (BigPond) or my VoIP providers sites. Get yourself a program called RoboForm and it can generate some really random number passwords for you and manage them too.
marirose
14th Dec 2011
7:41am
I cannot believe no one bothered to inform us. Surely all users have a phone contact, so we should have been informed individually and advised how to overcome the problem. My sister's email was reinstated in 48 hours, but 4 days later I was still waiting and only when I rang Telstra did I get information to restore it.
Very bad form Telstra. If I was not locked into a contract I would be looking elsewhere. I cannot believe that the money you rake in every month wouldn't supply the very best security software.
James
14th Dec 2011
12:20pm
This is not the only problem with TELSTRA security. Two weeks ago, I discovered that my prepaid mobile phone had been hacked and was being used to regularly download internet files. It took many hours over 4 days to get to someone in TELSTRA who was able to disable internet connection on my phone. One TELSTRA 'faults technician' effectively accused me of lying - I must have been doing it myself as it was impossible for anyone else to access my mobile in this way!
alfmar
14th Dec 2011
6:04pm
I rang customer support & as usual spoke to someone in India who advised that there was no problem {or outage ] as they call it. After being transferred to 2 other Indians I was finally told that there was in fact problems. Why didn't the first fellow know this.
To make a comment, please register or login


How to get your texts for free

How to get your texts for free

SMS is fast becoming the preferred means of communication between Australians and with a little know how, sending a text message need not cost you a cent.

Start texting for free

The 25 worst internet passwords

The 25 worst internet passwords

SplashData has released their “25 worst passwords of 2011” based on the most hacked passwords on the internet. The perennial favourite of “password” heads the list.

Are any of yours on there?

Beginner's Guide to Facebook

Beginner's Guide to Facebook

There are many facets to Facebook which are fun, social and actually somewhat addictive. It is a very entertaining way to keep in contact with friends and family, and with this simple guide, YOURLifeChoices will show you how.

Start connecting today!

Free Downloads and Games

Free Downloads and Games

Whether you want to recover lost files from your computer or camera, a free alternative to Microsoft word or just want to keep your passwords safe, Drew has a program for you.

They are all free!

Senior-friendly mobile phone

Senior-friendly mobile phone

The mobile phone market is saturated with choice, but it can still be difficult to find a phone that is suitable for senior Australians.

Simple and Easy