Slashdot Mirror

← Back to Stories (view on slashdot.org)

Vodafone Australia Employee Searched Journalist's Phone Records To Find Source

Posted by Soulskill on from the chilling-effects dept.

An anonymous reader writes: In 2011, a journalist named Natalie O'Brien published a series of stories on security problems in Vodafone's Siebel data system. "Customers' home addresses, driver's licenses and credit card details were all available online, O'Brien wrote, and criminal groups were paying for customers' private information." Now, Vodafone Australia has admitted that an employee went through her phone and text records to try and figure out who her sources were within the company. O'Brien wrote, "The invasion of privacy is devastating. It plays with your mind. What was in those texts? Who were they to? What did they see? What did they do with the information?" Despite the admission, Vodafone has denied that it engaged in improper behavior (PDF). The company says it found no evidence the employee was directed to do so by management. That said, leaked emails show management became aware of the privacy breach and its potential repercussions as early as 2012.

8 of 65 comments (clear)

  1. "Just a totally rogue employee, not us" by NotDrWho · · Score: 1, Insightful

    ....says the CIA every time one of their agents is caught plotting an assassination, government overthrow, or arranging to help the rebels sell drugs for guns.

    --
    SJW's don't eliminate discrimination. They just expropriate it for themselves.
  2. Way to take the initiative by DumbSwede · · Score: 5, Insightful

    So... some guy in the data-center just take it upon himself to go look up the info on some journalist, ‘cause you know that’s what IT guys do all day long, look up stuff on people with no direction.

    The company has very strict
    controls and processes around the privacy of customer information, and has appointed a dedicated privacy officer.

    So glad they have this in place, seems to be doing a bang up job. I can totally see how some low level employee would totally disregard this to dig up dirt on a Journalist and her accomplices. Because, you know, there’s so much in it for the low level employee.

    --
    Letter To Iran
  3. Not directed by management by U2xhc2hkb3QgU3Vja3M · · Score: 3, Insightful

    The company says it found no evidence the employee was directed to do so by management.

    Alright people, listen up! We have a spy in our ranks. We're not ordering or even asking anyone to search for the spy, but if one of you should happen to stumble into any bit of information about this, please keep in mind that we do offer a huge bonus.

  4. Re:Over the top by Luthair · · Score: 4, Insightful

    Precisely how would she remove records stored in the carriers data centre?

  5. Re:Over the top by Anonymous Coward · · Score: 2, Insightful

    I think she is simply making the most out of the situation for her own gain.

    Step 1: Deny. Deny. Deny.
    Step 2: Blame the victim.

  6. A perfect example by Somebody+Is+Using+My · · Score: 4, Insightful

    This case is a perfect example of why this sort of data should be encrypted on the device and in no way accessible to anyone except the owner. Because if there is a backdoor to this data, whether protected by "procedure" or a escrowed key, it /will/ be abused. If it is not the government abusing this privilege, then it will be by a corporation, or by an individual with a personal grudge, or by criminal elements (or even worse, by marketing departments!). It doesn't matter what sort of "controls" you put on those back-doors, ultimately they will be ignored and abused. The number of people who get "hacked" in this way may be low, but even one is too many.

    This case should be dredged up every time a law-enforcement agency insists that easy access to personal data are a necessity in this digital age. They claim that there are protections in place to prevent this sort of thing; evidence (and common sense) show that this is nonsense. The only way to prevent this sort of abuse is not to remove the temptation from third-parties entirely; make the data on the device (or service) inaccessible unless you have the key to decrypt it, and ensure the only the owner of the data has that key.

  7. You laugh but Costas Tsalikidis was found hanged by Anonymous Coward · · Score: 5, Insightful

    Funny, except for a few things:

    Vodafone have been revealed to be the major company helping GCHQ spy on its own people and allies.
    Vodafone was the mobile network that spied on Greece ministers during the Olympics.
    Costas Tsalikidis, their engineer was found dead (hanged) when the bugging was discovered.

    http://spectrum.ieee.org/telecom/security/the-athens-affair

    So yeh ha ha ha +5 funny.

  8. Re:anonymous cell phones by NostalgiaForInfinity · · Score: 4, Insightful

    There are no such thing as "burner phones" in Australia,

    Sure there are: you can violate the law to get them (consider it an act of civil disobedience). You can get a foreign SIM card (there are plenty of companies that offer those, and quite cheaply too). Journalists can set a phone swapping club. Or you can use smart phones and use text messages only to initiate communications on privacy-conscious chat services.