Vodafone terminates staff over data breach
January 14, 2011
Vodafone fired several employees in NSW after a breach in its customer information database led to a leak of private data.
The company said it continues to investigate the matter and is attempting to determine if an employee misused the password or sold it to criminals outside the company. The telecommunications firm said in a statement yesterday that a number of staff had been terminated and the information had been passed on to the NSW Police.
Vodafone would not release any details as to how many staff workers were fired because of the incident. In a move to preempt any further leaks, the company is changing the database password every 24 hours.
Nigel Dews, chief executive of the company said that an independent security firm had also been brought in to review the systems.
Australia’s Privacy Commissioner has opened his own investigation into the matter. However, under existing laws he cannot fine the company since it has launched its own independent investigation into the breach.
Communications Consumer Action Network stated that consumers should remain concerned regarding privacy breaches. Vodafone is also facing a class action lawsuit in a matter related to reception and service.
I wonder how Vodafone found out about the breach of security? I would like to think they found it during the course of a due diligence audit, it’s more likely that a customer discovered (Bank statement?) that there personally identifiable date (PII) was compromised.