Fairfax tech media have been left with “egg on their face” according to Vodafone officials after they claimed in January that the records of millions of consumers had been exposed on the Internet and that criminal gangs were accessing the data.The Australian Privacy Commission revealed today that none of the records were exposed on the Internet as claimed by Fairfax.
In the original story which has been described as a “beat up and plain lies” by Vodafone, Fairfax journalist Natalie O’Brien claimed that the personal details of millions of Vodafone customers, including their names, home addresses, driver’s licence numbers and credit card details have been publicly available on the internet in what is being described as an ”unbelievable” lapse in security by the mobile phone giant.
She went on to claim that Fairfax was aware of criminal groups paying for the private information of some Vodafone customers to stand over them, however she failed to produce any evidence that this was the case to either Vodafone, when asked, or to the Privacy Commission.
Earlier today the Privacy Commission said that there had been lapses inside Vodafone’s corporate network which is used by their dealers, but not externally, as claimed by Fairfax.
The Privacy Commission report said: “Contrary to media reports, Vodafone’s internal investigation confirmed that no login IDs, passwords or customer data were ever available on the internet or on the Vodafone website. The Privacy Commissioner can find no evidence that this information was available on the internet or Vodafone’s website”.
Also embarrassed by the findings is Professor Michael Fraser, the head of the Australian Communications Law Centre at the University of Technology, Sydney, who after being fed inaccurate information by Fairfax journalists said that the so called leak of millions of records appeared to be a major breach of the company’s privacy obligations and ”unbelievably slack security”.
”The fact you can look up anybody as easily as that seems to be a gross breach of privacy and resulting in an almost negligent exposure to criminal activity,” said Professor Fraser at the time.
Even when the Privacy Commission exonerated Vodafone from exposing personal data to the general public via the Internet Fairfax journalist Ben Grubb continued to try and spin the story.
Earlier today he claimed that Vodafone did not have an “adequate level” of security in place to protect the personal information of customers it held in its computer system and therefore breached privacy laws, the Privacy Commissioner has found.
“He failed to mention that Fairfax were blatantly wrong” when they claimed that the records had been exposed on the Internet.
Greg Spears the head of Communications at Vodafone said: “The Fairfax story was a beat up. It was wrong and the Privacy Commission has found no evidence that Vodafone records were exposed to the general public via the Internet.”