Geekzone: technology news, blogs, forums
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

BDFL - Memuneh
64468 posts

Uber Geek

Lifetime subscriber

# 180602 15-Sep-2015 07:21
Send private message

From The Guardian (and other sources): Vodafone Australia admits searching journalist's phone records (I wouldn't call "hacking" as in they didn't have to hack anything, did they?)

Vodafone Australia has admitted an employee hacked a journalist’s phone records in an attempt to uncover her sources for stories, but the telecommunications company denies any “improper behaviour”, despite internal emails suggesting it deliberately misled authorities about systemic privacy breaches.

O’Brien – herself a Vodafone customer – reported that Vodafone’s Siebel data system was vulnerable to hacking, and that the data of millions of customers was available online and easily accessible through generic passwords that were being shared around the company and publicly.

Customers’ home addresses, driver’s licences and credit card details were all available online, O’Brien wrote, and criminal groups were paying for customers’ private information.

She said the stories she wrote were “in the public interest”, and the vulnerability in Vodafone’s system serious enough that both the Information and Privacy Commissioner and the Australian Communications and Media Authority launched independent investigations.

“The shock and anger is only compounded knowing it was because I was doing my job that I was targeted and it was my own telco that was doing it to me. Since when did telling the truth become the wrong thing to do?”

An internal Vodafone email, reported by the Australian, shows the company was aware of the extent of the security breaches and the potential legal and reputation damage of hacking a journalist’s phone.

The head of fraud management and investigations for Vodafone Group, Colin Yates, wrote to then global corporate security director Richard Knowlton that there was a “huge risk” to the company if the hacking of O’Brien’s phone “gets into the public domain”.

I had a fair share of requests over the years from companies asking for the identity of people posting proprietary or confidential material on Geekzone. I can't obviously disclose this type of information without being in breach of the Privacy Act.

We know of internal investigations that caused a few people to lose jobs and on different telcos around - but that's a few years old now. There's a big difference between posting confidential pricing information and exposing problems. One is a case of trust breach the other is whistleblowing.

I do expect the report not to have been published before Vodafone was warned and had time to fix it - although it doesn't sound like it.

That's one of the reasons I have set our messages pages to be accessible only via HTTPS. But over the years more and more information has arrived either via WhatsApp and very few via voice calls - great as I really dislike talking on phone and rather have things documented.

Posting this on Off Topic as this is not a Vodafone New Zealand topic.

Create new topic


10872 posts

Uber Geek

  # 1387857 15-Sep-2015 13:09
2 people support this post
Send private message

My feeling is telcos lack auditing in this area.

Baby Get Shaky!
1641 posts

Uber Geek


  # 1388029 15-Sep-2015 17:04
Send private message

gzt: My feeling is telcos lack auditing in this area.

Fair point.

My Two cents: I would question how difficult it would be to effectively audit an organisation with thousands of employees, most of whom would make dozen's of accesses to customer information daily in the scope of their normal duties. I'm sure (just an educated assumption here) that most Telco's, or organisations that hold large swatches of personal information, would have a list of customers who would set off an audit if their information was accessed (take high profile public figures etc). I'm sure most organisations would also practice/publicise random audits and have policies that would indicate as such. Regular audits on someone who under takes hundreds of transactions would be a nightmare, not just in a financial sense but also in a time management sense. As someone who has access to a lot of private information and accesses it frequently in the course of my duties (sometimes hundreds of queries a day) I know that when an audit happens I will be spending a large part of my day justifying my actions and not a lot of time doing anything else. For my employer they have to balance to requirement to meet their obligations under the Privacy Act with their requirement to actually get things done.

Create new topic

Twitter and LinkedIn »

Follow us to receive Twitter updates when new discussions are posted in our forums:

Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:

Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:

News »

Facebook Portal to land in New Zealand
Posted 19-Sep-2019 18:35

Amazon Studios announces New Zealand as location for its upcoming series based on The Lord of the Rings
Posted 18-Sep-2019 17:24

The Warehouse chooses Elasticsearch service
Posted 18-Sep-2019 13:55

Voyager upgrades core network to 100Gbit
Posted 18-Sep-2019 13:52

Streaming service Acorn TV launches in New Zealand with selection with British shows
Posted 18-Sep-2019 08:55 announces partnership with smartphone manufacturer HTC
Posted 16-Sep-2019 21:30

Finalists Announced for Microsoft NZ Partner Awards
Posted 16-Sep-2019 19:37

OPPO Showcases New CameraX Capabilities at Google Developer Days China 2019
Posted 15-Sep-2019 12:42

New Zealand PC Market returns to growth
Posted 15-Sep-2019 12:24

Home sensor charity director speaks about the preventable death which drives her to push for healthy homes
Posted 11-Sep-2019 08:46

Te ao Maori Minecraft world set to inspire Kiwi students
Posted 11-Sep-2019 08:43

Research reveals The Power of Games in New Zealand
Posted 11-Sep-2019 08:40

Ring Door View Cam now available in New Zealand
Posted 11-Sep-2019 08:38

Vodafone NZ to create X Squad
Posted 10-Sep-2019 10:25

Huawei nova 5T to be available 20th September
Posted 5-Sep-2019 11:55

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.