Wednesday, November 24, 2010
Telstra admits to another privacy breach
Telstra has admitted to breaching the privacy of some of its customers only after being contacted by this website. "Most, if not all, affected customers (less than 3000) have been rung over the past week or so," said Telstra spokesman Craig Middleton.
Those affected were using Telstra's Tribe service, a platform which aggregates social media including Facebook, MySpace and Twitter. Some customers' social networking sites that were accessed using Tribe could be accessed by other Tribe customers, Telstra said.
After being contacted by this website, Telstra published a blog post announcing the breach. "This is just so that people who read [the] story can find out info from us," Mr Middleton said
Telstra recently came under fire for being investigated by both the communications and privacy watchdogs after it sent out 220,000 letters that contained account information belonging to other customers.
It also came under fire in April, when technology website ZDNet Australia reported it breaching the privacy of 700 customers.
Advertisement: Story continues below
"I’m accountable for Telstra’s approach to social media and all that goes with it. The good, the bad and the downright unfortunate," said Telstra's Kristen Boschma in the blog post.
"So I need to tell you something went awry with a service we offer called Tribe," she said. "We found a fault in the security for our Tribe service. Some customers’ pages could be accessed by other customers. We discovered instances where customers would have had the ability to access other customers’ Tribe accounts. In a couple of cases we were also contacted by customers to say that they received a Tribe alert meant for another user.
"To Telstra it is unacceptable that a customer’s privacy might be breached."
Boschma said Telstra has taken "direct and immediate action" to rectify the problem. "We suspended Tribe for a couple of days while we fixed it," she said. "It’s now back up and working like it’s meant to and we’ve already tried calling most affected customers directly. We’re continuing to contact all remaining affected customers. "Sorry for any inconvenience, this is not want we want for our customers but I’m glad the service has been restored."