Ihug snag causes e-mail breach

An Ihug glitch resulted in a privacy breach when e-mails were directed to wrong accounts.

Vodafone spokesman Paul Brislen said hardware had failed during an upgrade of Vodafone-owned ihug's e-mail server last Thursday. Access to e-mail providers was delayed and those customers who had used ihug's webmail service as an alternative could see the subject and sender or recipient of e-mails belonging to other customers.

Mr Brislen said customers could not read the e-mails, though, because clicking on them produced a blank page.

"A couple of customers rang up to say, `Hang on, I'm getting e-mails in webmail that aren't mine', so we pulled it offline." A "couple of hundred" clients may have seen the e-mails.

Vodafone did not know how many customers were logged on or how long the problem persisted.

Stuff blogger Juha Saarinen said he believed the problem had not been fixed for about 14 hours.

Privacy Commissioner Marie Shroff said those affected should contact Vodafone or the Office of the Privacy Commissioner with their concerns. She had not heard from Vodafone but understood the breach was accidental. She would not say if Vodafone should have notified her of the breach. Under privacy breach guidelines, organisations should inform the commissioner of "material breaches".

"Breaches like these can occur quite easily and it underlines the need for Internet service providers and others to take particular care."

She said Vodafone had acted promptly to resolve the error and that had minimised the harm.

Mr Brislen said Vodafone would consider reimbursing customers case by case.

- © Fairfax NZ News