BREAKING NEWS
5-year-old missing, possibly abducted in Palmerston North ... Read more
Close

Vodafone privacy breach 'serious'

LIAM HYSLOP
Last updated 20:26 08/07/2014

Relevant offers

Industries

Pornhub's whale advocacy won't actually help the whales all that much Sir Bob Jones buys Leaders building in central Wellington for $3.7m More signs of softening Auckland housing market: Westpac Shareholders Association warns Wynyard motion would give company 'carte blanche' Bell Tea buys Christchurch's Hummingbird coffee company SkyCity convention centre deal starting to pay off 4500 new homes in latest announcement of Special Housing Areas Solid Energy has decision "pending" on whether to close Stockton Sex-tech entrepreneur Cindy Gallop says NZ could 'clean-up' in industry Emirates releases Auckland to Dubai pricing

Vodafone is experiencing a serious privacy breach - people with a master password are able to access private customer information, including credit card details.

The loophole was discovered by a new Vodafone customer, who said he accidentally accessed another Vodafone customer's account with the password when he was trying to get into his.

"Everything from personal information, their phone number, their internet usage, credit card details," said the man who did not want to be named.

"You name it, you could view it and edit it."

All a person needed was the password and a login ID and they could access the details online.

The man called Vodafone's contact centre on Friday to alert it to the breach and said he spent three "obnoxiously frustrating" hours on the phone.

"It came to the point where their manager said they would call me on Monday but they didn't and I don't think they really understood the gravity of the situation.

"I can still log in to other people's stuff but it also means my information is not secure.

"I tried calling them again today but got put on hold again."

Netsafe executive director Martin Cocker said it was a serious privacy breach and one which Vodafone would be urgently working on fixing.

The breach could be an issue to do with standardised passwords given to new users but could also be attributed to a number of other reasons, he said.

"Not having seen the back end of it it is hard to comment on what the actual failing is.

"The important thing is at the front end there is an important security issue and therefore it needs to be resolved."

When contacted by Fairfax Media tonight, a Vodafone spokesman said it was not aware of the breach but, given the seriousness of the topic, would look into it as a matter of urgency.

Ad Feedback

- Stuff

Special offers

Featured Promotions

Sponsored Content