Avoiding Vodafone's Wikileaks moment

What an unhappy New Year for Vodafone! News emerged across the weekend that customers' personal information has been leaked thanks to dealer log-ins on the loose. This comes on top of a planned class action suit against Vodafone alleging poor 3G service quality.

What an unhappy New Year for Vodafone! News emerged across the weekend that customers' personal information has been leaked thanks to dealer log-ins on the loose. This comes on top of a planned class action suit against Vodafone alleging poor 3G service quality.

According to at least one information security expert, Vodafone's apparent problem isn't so much that customer details were being accessed "over the internet", but that poor database design would allow anyone with a valid log-in to view all the personal details of every customer.

In Patch Monday this week, Paul Ducklin, Sophos' head of technology for the Asia-Pacific region, compares Vodafone's situation with the US Government's problem with Wikileaks: that even relatively low-level access to the system provides access to a vast quantity of supposedly secret information. And part of the problem is that many organisations collect and store too much private information to begin with.

As usual, Patch Monday also includes my random look at last week's IT news.

To leave an audio comment for Patch Monday, Skype to stilgherrian or phone Sydney 02 8011 3733.

Running time: 29 minutes, 27 seconds

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All