The Australian Communications and Media Authority (ACMA) and the Australian Privacy Commissioner have announced they will jointly investigate a Telstra mail-out mix-up that saw 220,000 letters sent to the wrong customer addresses.
(Mailing Junk back to Junk Mailers image by Oran Viriyincy, CC BY-SA 2.0)
Telstra is contacting customers affected by a mail-merge error that led to 220,000 letters sent out to incorrect addresses. The letters contained information including customer name, number and telephone plans. Over 23,000 of these letters contained silent phone numbers.
In a statement, the telco apologised for the error and said it ceased the mail out once the error was identified.
"Telstra is taking this issue very seriously. An urgent and thorough investigation is underway to examine how this occurred and to stop it happening again," Telstra said. "The company is directly contacting affected customers to apologise for the error. Customers who have received multiple letters are requested to securely destroy them or return to sender."
Telstra's speedy response to the privacy breach was welcomed by recently appointed Australian Privacy Commissioner Timothy Pilgrim, who said his office plans to investigate the matter immediately.
"While I welcome Telstra's prompt advice that this incident occurred and that it has taken steps to contact affected customers, I am concerned about the amount of personal information that has been disclosed, which includes potentially sensitive information such as silent numbers," Pilgrim said.
"Customers expect their personal data to be protected by organisations and incidents such as this are very serious. For this reason my office will be opening an investigation into the matter today."
ACMA chairman Chris Chapman said the authority's main priority would be to ensure appropriate remedies for customers caught up in the mix up and to limit the damage to those customers.
"I have spoken with Telstra and they have assured us they will fully cooperate with the ACMA and other regulatory agencies to minimise the fallout for customers," he said.
Australian Communications Consumer Action Network chief Teresa Corbin said the consumer group was "extremely concerned" about the breach of consumer privacy.
"The potential for harm when personal details are disclosed is high and a privacy breach of this magnitude is deeply concerning. While Telstra appears to be taking swift action on this matter they must continue to invest great effort into ensuring every customer affected has the problem resolved to their complete satisfaction," she said.
"This incident should also prompt other businesses to review their own internal procedures and the safety of their customers' personal information to ensure that this sort of event isn't repeated."
Customers affected by the error can call Telstra on a hotline set up for the matter on 1800 307 987.