Australia’s largest telecommunication company, Telstra, has been fined after the data leaking incident of 15,775 customers from 2009 and earlier. It was reported that the data was accessible on the internet at that particular time. The Office of the Australian Information Commissioner (OAIC) and the Australian Communications and Media Authority (ACMA) discovered that Telstra has breached privacy laws after several spreadsheets containing Telstra customer data dating back to 2009 was discovered via Google search and was quickly removed by Telstra. The company also released an apology for this incident.
‘This incident is a timely reminder to all organisations that they should prioritise privacy. All entities bound by the Privacy Act must have in place security measures to protect personal information,’ said Privacy Commissioner Timothy Pilgrim, one day ahead of major changes to the privacy act coming into force.
Following this incident, Telstra agreed to conduct several actions, including exiting the software platform on which the breach occurred, establishing a clear policy for central software management, and reviewing contracts with third parties relating to personal information-handling. In relation to this breach, Telstra has paid a fine of $10,200.
“The ACMA welcomes Telstra’s agreement to the Privacy Commissioner’s recommendations. Telco providers are in a position of trust with respect to their customers’ details and with it comes a weighty responsibility—a fact reflected in the outcomes mandated by the TCP Code”, said Chris Chapman, the ACMA Chairman.