Reevesey's recommended reading

Saturday 21 November 2009

T-Mobile personal data sale scandal update

As it is a few days since my original post about this I thought I would check the T-Mobile website again since they haven't had the decency to respond to my email asking whether my data was compromised.

This update is now available on their website;

"Update

T-Mobile takes the protection of customer information seriously. When it became apparent that contract renewal information was allegedly being passed on by an employee to third parties without our knowledge, we alerted the Information Commissioner’s Office. Working together with the ICO, they conducted an extensive investigation which we believe will lead to a prosecution.

We believe that this breach happened between July 2007 and November 2008 and that it was only contract renewal data that was passed on. While it is deeply regrettable that customer information has been misappropriated in this way, it should be noted that the stolen data did not include call records, financial data, password details or any other information that would enable someone else to access customers’ personal details.

Since the breach of information occurred more than a year ago, we believe that the current impact on customers will be minimal. We continue to support the ICO to help stamp out what is a problem for the whole industry.

T-Mobile Forum team"

What annoys me is that they are being so dismissive, "we believe....that it was only contract renewal data...was passed on", so, they don't actually know what data their own staff were accessing to sell on.

I hope the Information Commissioner fines T-Mobile as well as jailing the person who actually did the deed as it were, plus the brokers, because they clearly knew they were breaching data protection legislation.

2 comments:

Ryan said...

I'm not sure why you think T-Mobile should be fined. As with any call centre environment it can be very easy for employes to extract data, which whilst useful for offical purposes can be more useful to third parties.
If T-Mobiles systems have managed to track the logins of the staff breaking the law, have called in the SFO and handed over this information they are fulfilling their duty.
As with the BNP membership lists, it's not the BNP themselves at fault, but those who used the data illegally.

Andrew Reeves said...

Partly because they still aren't contacting the customers that were affected and reassuring them.

Also it actually appears that customers were contacting them at the time and then being ignored!

Related Posts with Thumbnails