DataBreaches.net

DataBreaches.net

The Office of Inadequate Security

Menu
  • Breach Laws
  • About
  • Donate
  • Contact
  • Privacy
  • Transparency Reports
Menu

Vodafone denies customer records publicly available on Internet – while seemingly acknowledging a breach

Posted on January 9, 2011 by Dissent

In response to allegations published yesterday of a serious security breach that may have left millions of Vodafone customers’ personal details and credit card information at risk, Vodafone announced that it is investigating the allegations but denies that customer records are publicly available on the Internet:

The AAP also reports:

The mobile phone company has reset all passwords for its web portal, used by employees and dealers.

[…]

A Vodafone spokesman said the company was concerned to hear of the alleged breach.

“Vodafone’s customer details are not ‘publicly available on the internet’,” he said in a statement today.

“Customer information is stored on Vodafone’s internal systems and accessed through a secure web portal, accessible to authorised employees and dealers via a secure login and password.

Read more on news.com.au

But while Vodafone seems to be denying a breach – or at least some of the allegations – other coverage suggests that Vodafone has acknowledged that there has been a breach. Vienna Ma reports:

According to Vodafone chief executive Nigel Dews, the company was concerned to hear of the alleged breach, and an internal investigation is underway to work out who breached the system and how, and refer the matter to the Australian Federal Police if appropriate.

Vodafone has confirmed it believes its secure customer database has been breached by an employee or dealer who has shared the access password, revealing the personal details of millions of customers.

The mobile phone company has reset all passwords for its web portal, used by employees and dealers.

Dews said a full report will be delivered to him on Monday, but at this stage, he does not believe it is a widespread problem.

Read more on Trading Markets.

Peter Martin and Lucy Battersby also report that the breach denial is not a total denial:

‘It appears what has happened is that somebody shared a password,” Vodafone chief executive Nigel Dews told The Age. ”It appears to be a one-off breach and we have got out internal investigators looking into it right now. We reset our passwords last night and we are resetting them every 24 hours until that investigation is complete.”

[…]

Mr Dews declined to say whether Vodafone kept logs of every access, saying he did not want to hand out information that could help hackers.

Read more in the Sydney Morning Herald.

Related Posts:

  • AU: Mobile security outrage: private details…
  • NZ: Vodafone privacy breach 'serious'
  • Update: Vodafone alerts privacy watchdog
  • Vodafone information glitch 'bad privacy breach'
  • AU: Vodafone dealer shuts down after expose

Post navigation

← FL: Credit-card skimmer found in Melbourne gas pump
What is the Cost of a Missing Laptop? →

1 thought on “Vodafone denies customer records publicly available on Internet – while seemingly acknowledging a breach”

  1. Matthew Elvey says:
    January 10, 2011 at 1:58 pm

    I’m quite familiar with such antics.
    It’s all about PR shills using carefully crafted phrases.
    Imagine that crooks break into Fort Knox are seen loading heavy boxes into a truck with a forklift and speeding away.
    Has gold been stolen from Fort Knox? Well, it’s possible that it wasn’t gold in the boxes…

    So, PR shills would be expected to say that there’s no evidence that gold was stolen from Fort Knox.

    Here’s a similar example, which I’m involved in: http://caringaboutsecurity.wordpress.com/2008/07/11/whats-this-all-about/

Comments are closed.

Sponsored or Paid Posts

This site doesn’t accept sponsored posts and doesn’t respond to requests about them.

Have a News Tip?

Email:

Breaches[at]Protonmail.ch
Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Telegram: @DissentDoe

Browse by News Section

Latest Posts

  • If you’re in Rock County, Wisconsin, do NOT read this post. Absolutely do not read this post.
  • PA: Great Valley School District Falls Victim to Ransomware Attack
  • MT: Personal information of 900 Butte School District employees compromised in cyberattack
  • Pacific Cataract and Laser Institute confirms cyberattack
  • OAIC alleges Australian Clinical Labs hack resulted from lacklustre security measures
  • Proliance Surgeons notifying 437,392 patients after ransomware attack earlier this year
  • After $50 Million Breach, KyberSwap Faces Hacker’s Shocking Demands
  • Hendersonville city employees target of cybersecurity breach

Please Donate

If you can, please donate XMR to our Monero wallet because the entities whose breaches we expose are definitely not supporting our work and are generally trying to chill our speech!

Donate- Scan QR Code   Donate!

Social Media

Find me on Infosec.Exchange.

I am also on Telegram @DissentDoe.

RSS

Grab the RSS Feed

Copyright

© 2009 – 2023, DataBreaches.net and DataBreaches LLC. All rights reserved.

HIGH PRAISE, INDEED!

“You translate “Nerd” into understandable “English” — Victor Gevers of GDI Foundation, talking about DataBreaches.net

©2023 DataBreaches.net