Personal Data Of 60,000 Telstra Customers Exposed To Web

[InfoSec News <alerts () infosecnews org>]

http://www.darkreading.com/insider-threat/167801100/security/privacy/232300392/personal-data-of-60-000-telstra-customers-exposed-to-web.html

By Tim Wilson
Dark Reading
Dec 12, 2011

Unencrypted data on some 60,000 customers of Telstra -- one of 
Australia's largest telecommunications carriers -- has been found easily 
accessible on the Web.

According to news reports, a user found the database after doing a Web 
search for a Telstra customer support phone number.

The page has been disabled, but users who saw the file said they were 
able to find Telstra's customer database based on the customer's last 
name, account number, sales force ID, or reference number, according to 
the reports.

The file contained information on what broadband plan the users are on, 
what other Telstra services they're using, and notes on customers' 
accounts, including usernames and passwords, the reports said. It also 
contained data about technician visits, SMS messages sent to private 
mobile numbers, and credit check details.

[...]


_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn