The Australian Privacy Commissioner has launched a formal investigation into the Telstra data breach which made the telco’s private customer information accessible to the public online.
Confidential Telstra customer data were made public with information such as account number, private phone numbers and credit check details exposed last Friday. The breach affected Telstra bundled services customers.
The error was raised by a user of Internet forum, Whirlpool, and was first reported by The Sydney Morning Herald.
Telstra swiftly moved in to resolve the issue, disabling several internal and customer facing systems and issuing password resets for 60,000 accounts.
The telco notified the Privacy Commissioner, which has launched a formal investigation into the matter.
Telstra has reassured the commission the problem has been fixed and the personal data of its customers are no longer in the public space.
“I have asked that Telstra also provide me with a detailed written report on the incident, including how it occurred, what information, if any, was compromised and what steps [it has] taken to prevent a reoccurrence,” Privacy Commissioner, Timothy Pilgrim, said in a statement. “I will consider all the information provided by Telstra and hope to be in a position to issue an investigation report in late January 2012.”
This incident was reminiscent of the Vodafone customer data breach earlier in the year which the Privacy Commissioner also investigated.
One of the biggest customer data leaks this year concerned Sony PlayStation which led to the exposure of names, addresses and possible credit card data of 77 million PlayStation Network users.