Australia-based telecommunications company Telstra committed its second data breach in less than a month when a spreadsheet containing customer information was posted online on December 30. The Australian reported that according to initial inquiries, the spreadsheet was posted by a consultant to use in training and coaching.
The Australian article said that some 1,500 e-mail addresses, phone numbers, postal details, and service support problems were displayed in the spreadsheet, but Telstra said it had “no reason to believe it contained passwords or credit or financial information.”
According to the article, Telstra’s IT experts took down the site that hosted the spreadsheet quickly.
"Our customers' privacy is paramount and the site was disabled within an hour of Telstra being made aware of it," a Telstra spokeswoman was quoted by The Australian.
The article noted that more than 1,000 BigPond clients who had contacted the company’s customer service department for technical assistance were affected. According to an article in International Times, Telstra said these customers would be notified about the incident and would receive support for possible counter-measures to correct the error.
Telstra’s previous data breach occurred in early December, when a Telstra search page used by the company’s customer service agents was left unprotected and accessible on the web. This breach exposed 800,000 customers’ details, including e-mail addresses, usernames and passwords, according to The Australian. The Privacy Commission investigation prompted by this breach is to conclude in February; another investigation is expected for the more recent breach.