Telstra customer details exposed again

Telstra customer details exposed again

Summary: Telstra has again unwittingly exposed some of its customers' details on the internet, with a spreadsheet of customer details found online.


Telstra has again unwittingly exposed some of its customers' details on the internet, with a spreadsheet of customer details found online.

The Australian and Music Feeds this morning flagged a spreadsheet, containing around 1500 BigPond email addresses, postal addresses and telephone numbers, that was freely accessible online.

Telstra confirmed that this had been the case, but said that the site had been disabled within an hour of the company being made aware of it. It believed that the spreadsheet had been created by a consultant to use in training, and not for a malicious purpose. The Australian said that the site also had ticket numbers and descriptions of issues lodged by Telstra customers.

The telco said that there was no reason to believe that the spreadsheet contained passwords or credit card and financial information, but added that it would contact the customers whose details had appeared on the site.

This is the second privacy mistake that the telco has made in the last month. Earlier in December, a Whirlpool forum post revealed an internal Telstra tool that was meant for use by Telstra employees to search customer records by a customer's last name, reference number, billing account number or sales-force number, but wasn't protected by any authentication method, such as a password.

Using the tool, anyone could access information about a Telstra customer's Bundle orders, including their plan, billing account numbers, first and last names and notes about their account. Telstra closed access to the tool, and, as a precautionary measure, it also disabled its online billing, BigPond self-care and My Account functions on its website for a brief time, and reset the passwords of around 60,000 customers.

Topics: Security, Privacy, Telcos, Telstra

Suzanne Tindal

About Suzanne Tindal

Suzanne Tindal cut her teeth at as the site's telecommunications reporter, a role that saw her break some of the biggest stories associated with the National Broadband Network process. She then turned her attention to all matters in government and corporate ICT circles. Now she's taking on the whole gamut as news editor for the site.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Perhaps it's time to see Maurice Blackburn or Slater & Gordon about a class action?

    What do you reckon Syd, VasMas? Those could be OUR details!
  • Being without delusions of persecution I do not believe that the revelation by Suzanne will have any effect on me one way or the other. Of course those devious Telstra haters or those whose mind holds conspiratorial theories should feel free to go for broke and sue Telstra for the odd billion or two. Seasons greetings and goodwill to all indeed. Still, as Oscar Wilde said "there is only one thing in the world worse than being talked about, and that is not being talked about."
  • That was a joke Syd (although really not a laughing matter).

    A normal person would have said, LOL or yeah what's their numbers. But no, they can never do any wrong in your eyes and you will leap to their defence 24/7, even when, like now, undeserved.
  • Beta my answer was a joke also. Surely you do not think me such a pompous sycophantic dickhead as to believe that Telstra is always right and can have no faults.

    Anyway best of the festive season to you and also a bright, happy and healthy new year. We Australians really did win the lottery of life and we should never forget it.
  • First question, due to the festive season, no comment.

    Second, likewise and you're are absolutely right (for once...LOL)!
    • Yippeeeeee. I always knew that if I kept trying I would get something right. Lol and TFNBCDFS.
  • What is going on at Telstra Bigpond ??? I was the subject of another unpublished Bigpond data breach only a week or so ago, that resulted in a spam attack from Russian hackers ... that is now 3 breaches in 4 weeks that I know of.
    Carl Chapman
  • Yes it's ok for us to joke (hopefully we weren't affected too) but it really isn't good enough, regardless of which company it is.

    This is negligence at it worst and it is certainly not something which can be covered up by a few lifelong Telstra devotees/stakeholders and their standard lines, that anyone who doesn't bow at the Telstra alter is ergo a Telstra hater.

    Sincerely hope it all works out ok for you Carl!
  • Beta you know better than most that Telstra CEO David Thodey is genuine and determined in his effort to raise the bar on Telstra customer performance. You also know that in an operation as big and complex as Telstra problems will occur.

    David Thodey has programmed 800 million dollars to fix operational problems at Telstra and has employed the best technical experts available in the world. You know also that with human involvement errors occur. Telstra is on the ball with a speedy fix.
  • Yes he does seem to be, but tell that upbeat shareholder waffle to Carl, Sydney.
  • Beta, I am sure that those in control at Telstra will be cognisant of Carl's problems and will take immediate steps to rectify the mistake and apologise for it. This is not to justify the occurrence but to acknowledge human error and give Telstra the opportunity to take the necessary actions to avoid, in the future, a recurrence of this unfortunate event.
  • Yes let's hope they avoid a "3rd" recurrence!
  • you're quite lame, you know that? yaaaaaaaaah. agreed. I have a lot of injury stories to tell its amusing
    flex seal liquid rubber
    Blowing actual hard at a dandelion that has gone so that you can fuzz in addition to watching the fuzz float all over. This is amazing when it transpires and I actually believe we're connected.
  • Telstra Corporate is the gateway into the range of products and services offered by Telstra Consumer and Telstra Business and Enterprise.
  • The requested URL /lol.php was not found on this server. Not Found 404 Not Found
  • The requested URL /lol.php was not found on this server. 404 Not Found Not Found