Telstra Admits New Security Breach
Telstra admitted another data breach over the weekend when customers' information were again displayed online through a spreadsheet inadvertently deployed by one of the giant telco's consultants.
According to The Australian, the incident happened Friday morning but Telstra had successfully contained the leak one hour its attention was called.
In a statement it released on Saturday, Telstra said that its IT experts immediately scrambled to take down the site that hosted the spreadsheet, which the company said were made available for training and coaching of its staff.
Telstra told The Australian that thousands of emails addresses, phone numbers and postal details were displayed but the company stressed that "have no reason to believe it contained passwords or credit or financial information."
The document, Telstra said, was mainly used for keeping records of BigPond clients who contacted the telco's customer service department for technical assistance.
At least 1500 Telstra customers were affected by the accidental breach, the telco revealed, adding that their privacy were not compromised despite the leak.
"Our customers' privacy is paramount and the site was disabled within an hour of Telstra being made aware of it," a Telstra spokeswoman was quoted by The Australian as saying.
As its previous measures, Telstra assured that customers affected by the breach will be properly advised about the incident and will receive support for possible counter-measures to correct the error.
All pertinent agencies will also be notified about the matter, the company said, including the Privacy Commissioner, which has already an ongoing probe on an earlier security issue that Telstra encountered earlier in December.
The latest incident mark the second security breach for Telstra in less than a month as some 800,000 customers were affected when private information maintain by the company became accessible via the telco's website search tool.
The information exposed included passwords that prompted the company to reset up to 60,000 passwords of its customers in the immediate aftermath.
Security experts said that Telstra's new security issue could warrant another investigation from the Privacy Commissioner, which is expected to wind up its inquiry on the last incident this month.