Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




207 posts

Master Geek
+1 received by user: 32


Topic # 150025 8-Jul-2014 20:59
Send private message

http://www.stuff.co.nz/business/industries/10246091/Vodafone-privacy-breach-serious




 

 

 


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3 | 4 | 5
BDFL - Memuneh
59188 posts

Uber Geek
+1 received by user: 10421

Administrator
Trusted
Geekzone
Subscriber

  Reply # 1084414 8-Jul-2014 21:00
One person supports this post
Send private message
5319 posts

Uber Geek
+1 received by user: 1501

Trusted

  Reply # 1084417 8-Jul-2014 21:04
Send private message

Interesting.

I am assuming this is mobile side. All fixed line passwords are randomly generated.

 
 
 
 


BDFL - Memuneh
59188 posts

Uber Geek
+1 received by user: 10421

Administrator
Trusted
Geekzone
Subscriber

  Reply # 1084419 8-Jul-2014 21:05
2 people support this post
Send private message

The article is badly written. Not expecting to have a full description of the exploit but the information provided is lacking really - it doesn't make much sense. 





700 posts

Ultimate Geek
+1 received by user: 143


  Reply # 1084423 8-Jul-2014 21:20
3 people support this post
Send private message

I read it as if he got access to one other customers account, can't quite get the link that everyone's accounts are accessible...

435 posts

Ultimate Geek
+1 received by user: 135


  Reply # 1084426 8-Jul-2014 21:23
Send private message

people with a master password are able to access private customer information, including credit card details.


But, uh, that's what a "master password" is made for...(?).

-A

2069 posts

Uber Geek
+1 received by user: 505


  Reply # 1084447 8-Jul-2014 21:57
Send private message

CustomerZone or the other system I wonder?

1059 posts

Uber Geek
+1 received by user: 739

Subscriber

  Reply # 1084457 8-Jul-2014 22:16
Send private message

If the allegations in the article are true, the complainant really should get the Privacy Commissioner's office involved. The public needs some assurance that this matter is being properly attended to and given VF's attitude towards customer service, I am not optimistic. However, at this stage we don't even know if this supposed breach is any such thing.



635 posts

Ultimate Geek
+1 received by user: 133


  Reply # 1084458 8-Jul-2014 22:17
Send private message

Well it's on Stuff etc so we will see a press release tomorrow that's a bit more clear no doubt

597 posts

Ultimate Geek
+1 received by user: 132


  Reply # 1084523 9-Jul-2014 05:49
Send private message

The article smells of BS.

Master password? Who even has or has had those? Master accounts, sure, but master passwords? Don't think so.

Also, why and how does he have the master password?

A more plausible story would be that he was at an icafe and happened to be at a computer where the previous user was a Vodafone customer that hadn't logged out.




Regards
Stefan Andres Charsley

What does this tag do
864 posts

Ultimate Geek
+1 received by user: 163

Subscriber

  Reply # 1084530 9-Jul-2014 07:28
Send private message

Sounds like (from the article) that someone was setup with a default password, which they discovered would also let them into other users accounts who hadn't bothered to change their password

409 posts

Ultimate Geek
+1 received by user: 99


  Reply # 1084534 9-Jul-2014 07:57
One person supports this post
Send private message

Article now removed......


smells like carp to me




 The views expressed by me are not necessarily those of my employer


5319 posts

Uber Geek
+1 received by user: 1501

Trusted

  Reply # 1084536 9-Jul-2014 08:01
Send private message

jnimmo: Sounds like (from the article) that someone was setup with a default password, which they discovered would also let them into other users accounts who hadn't bothered to change their password


Its been deleted now.
Most likely people are setting their passwords to something guessable and he just came across one.

496 posts

Ultimate Geek
+1 received by user: 93


  Reply # 1084540 9-Jul-2014 08:11
Send private message


Its been deleted now.


Still in the business section, just isn't on the front page

Clint

496 posts

Ultimate Geek
+1 received by user: 93


  Reply # 1084541 9-Jul-2014 08:15
One person supports this post
Send private message

TimA: Interesting.

I am assuming this is mobile side. All fixed line passwords are randomly generated.


Interestingly he says he can see the credit card details - when i log in to "My Vodafone" for my mobile account, i can only see the first few numbers, no expiry date and certainly not the CSC.

If he did have access to accounts i don't think he has as much info as he thinks he does

CLint



372 posts

Ultimate Geek
+1 received by user: 124


  Reply # 1084546 9-Jul-2014 08:47
One person supports this post
Send private message

clinty:
TimA: Interesting.

I am assuming this is mobile side. All fixed line passwords are randomly generated.


Interestingly he says he can see the credit card details - when i log in to "My Vodafone" for my mobile account, i can only see the first few numbers, no expiry date and certainly not the CSC.

If he did have access to accounts i don't think he has as much info as he thinks he does

CLint




Yeah the credit card info bit sounds wrong to me. Even with access to VF CRM tools you can't actually see a full credit card number. At least not with the tools I use. I've always assumed that's pretty much standard practice for any company these days.




Please note: I have a professional bias towards Vodafone.

 1 | 2 | 3 | 4 | 5
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

New Zealand government to create digital advisory group
Posted 16-Dec-2017 08:47


Australia datum changes means whole country moving 1.8 metres north-east
Posted 16-Dec-2017 08:39


UAV Traffic Management Trial launching today in New Zealand
Posted 12-Dec-2017 16:06


UFB connections pass 460,000
Posted 11-Dec-2017 11:26


The Warehouse Group to adopt IBM Cloud to support digital transformation
Posted 11-Dec-2017 11:22


Dimension Data peeks into digital business 2018
Posted 11-Dec-2017 10:55


2018 Cyber Security Predictions
Posted 7-Dec-2017 14:55


Global Govtech Accelerator to drive public sector innovation in Wellington
Posted 7-Dec-2017 11:21


Stuff Pix media strategy a new direction
Posted 7-Dec-2017 09:37


Digital transformation is dead
Posted 7-Dec-2017 09:31


Fake news and cyber security
Posted 7-Dec-2017 09:27


Dimension Data New Zealand strengthens cybersecurity practice
Posted 5-Dec-2017 20:27


Epson NZ launches new Expression Premium Photo range
Posted 5-Dec-2017 20:26


Eventbrite and Twickets launch integration partnership in Australia and New Zealand
Posted 5-Dec-2017 20:23


New Fujifilm macro lens lands in New Zealand
Posted 5-Dec-2017 20:16



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.