Vodafone fires employees in wake of security breach

Vodafone has terminated a number of employees in the wake of its investigation into the alleged leaking of customer data at the weekend week. The telco has also confirmed NSW Police is investigating the issue.

Vodafone said in a statement that it had also undertaken a review of IT systems security, processes and training, and had implemented a number of new security measures.

“Security can always be improved and the additional measures being implemented as a result of our review will increase security and further limit the risk of people doing the wrong thing,” the telco’s chief executive, Nigel Dews, said in a statement.

“Some of the initiatives we had already planned for this year are being brought forward and we will also be conducting an additional independent security review.”

The company also stressed that its customer records were not publicly available or stored on the internet and credit card details held in their database were protected.

Dews’ comments follow the sending of an email to customers, which sought to reassure subscribers that information, including credit card details, remained encrypted and secure.

"We are conducting a full investigation into the alleged incident and as a priority, can assure you that your information is not publicly available on the internet and your personal credit card details are encrypted, secure and cannot be viewed by store staff," Vodafone's director of customer service and experience, Cormac Hodgkinson, said in the email.

The "alleged incident" came to light this week when media reports claimed Vodafone customer data had been leaked and was publicly available over the internet.

Among the allegations was Vodafone staff were being bribed into providing customer information, including credit card details, to people outside the organisation.

Industry pundits have this week labelled the privacy breach a lesson for all companies holding sensitive information, according to industry commentators.

The Australian Privacy Commissioner, Timothy Pilgrim, also confirmed that his office would be investigating the telco as a result of personal information of four million customers becoming available on its website.