Dear visitor,
Since its inception Vodafail.com has made a significant
contribution towards raising awareness of the problems and issues faced
by Vodafone customers.
Vodafone Australia customers have had the opportunity to voice their concerns, their fears and their troubles from every corner of Australia and beyond our borders.
You have gathered the courage to stand up for your rights as consumers and to make your voice heard.
Each and every person who shared their story should have a sense of pride in this achievement and the changes that have occurred since the start of Vodafail.com.
More recently, traffic to Vodafail.com has declined significantly.
Having achieved the goal of raising awareness and promoting concrete action in early 2011, we have now reached the point of closing Vodafail to new complaints.
The site will remain online for as long as possible as a
reminder and an example of what is possible when we share our experiences.
It has been a privilege to run this initiative
and I'm am forever grateful for the help and support I've received. In
particular I would like to thank Melissa, David and Travis for their
continued efforts over the past 15 months. I'm also thankful and humbled by the support of ACCAN, Choice magazine and a wide range of media outlets, blogs and websites.
You can still browse existing stories and find out how to file a complaint if you are experiencing problems.
Until next time,
Adam Brimo
Share Your Pain
ACT (1140) | Everywhere (19206) | NSW (7557) | NT (170) | QLD (3578) | SA (987) | Somewhere else (224) | TAS (242) | VIC (3573) | WA (1735) |
11385 Someone from NSW thinks vodafone is VERY FAIL! at 9 Jan 2011 12:19:47 PM
FROM SYDNEY MORNING HERALD:
Mobile security outrage: private details accessible on net Natalie O'Brien
January 9, 2011
The personal details of millions of Vodafone customers, including their names, home addresses, driver's licence numbers and credit card details, have been publicly available on the internet in what is being described as an ''unbelievable'' lapse in security by the mobile phone giant.
This website is aware of criminal groups paying for the private information of some Vodafone customers to stand over them.
Other people have apparently obtained logins to check their spouses' communications.
Advertisement: Story continues below Personal details, accessible from any computer because they are kept on an internet site rather than on Vodafone's internal system, include which numbers a person has dialled or texted, plus from where and when.
The full extent of the privacy breach is unknown but this website has learnt that possibly thousands of people have logins that can be passed around and used by anyone to gain full access to the accounts of about 4 million Vodafone customers.
Professor Michael Fraser, the head of the Australian Communications Law Centre at the University of Technology, Sydney, said that it appeared to be a major breach of the company's privacy obligations and ''unbelievably slack security''.
''The fact you can look up anybody as easily as that seems to be a gross breach of privacy and resulting in an almost negligent exposure to criminal activity,'' said Professor Fraser, who also heads the Australian Communications Consumer Action Network.
A spokesman for Vodafone said yesterday the company had ordered an immediate investigation and review of security procedures.
''Customer information is accessed through a secure web portal, accessible to authorised employees and dealers via a secure login and password,'' he said.
''Any unauthorised access to the portal will be taken very seriously, and would constitute a breach of employment or dealer agreement and possibly a criminal offence.
''We will be conducting a thorough investigation of the matter with our internal security experts and will refer the matter to the Australian Federal Police if appropriate.''
He said all passwords would be reset, and training and other procedures would be reviewed.
The revelations come as Vodafone is facing potential lawsuits and widespread customer dissatisfaction with network access.
More than 9000 customers have joined a class action and the company has set up a number of taskforces to try to fix the problems.
In this new saga for Vodafone, dealers have revealed that they are frequently asked to do ''favours'' and to pass on their login details.
Because the customer database is not an intranet (internal company system) and instead on the internet, users with a password can log in to the portal from anywhere, then access any customer's information.
Vodafone retailers have said each store has a user name and password for the system. That access is shared by staff and every three months it is changed. Other mobile dealers who sell Vodafone products also get full access to the database.
Anyone with full access can look up a customer's bills and make changes to accounts. Limited access allows searching by name, which takes much longer and is more involved but can be just as effective when done correctly. ''It's scary stuff in the wrong hands,'' one dealer told this website.
Australian Privacy Commissioner Timothy Pilgrim said all organisations should take appropriate steps to secure the personal information of their customers or they risked breaching the Privacy Act.
''If an individual believes their privacy has been interfered with they should first contact the organisation responsible and if they are not satisfied with their response they can make a complaint to our office,'' Mr Pilgrim said.
He has backed the federal government's intention to give his office extra powers to impose penalties should he find a breach of the act.
Mobile security outrage: private details accessible on net Natalie O'Brien
January 9, 2011
The personal details of millions of Vodafone customers, including their names, home addresses, driver's licence numbers and credit card details, have been publicly available on the internet in what is being described as an ''unbelievable'' lapse in security by the mobile phone giant.
This website is aware of criminal groups paying for the private information of some Vodafone customers to stand over them.
Other people have apparently obtained logins to check their spouses' communications.
Advertisement: Story continues below Personal details, accessible from any computer because they are kept on an internet site rather than on Vodafone's internal system, include which numbers a person has dialled or texted, plus from where and when.
The full extent of the privacy breach is unknown but this website has learnt that possibly thousands of people have logins that can be passed around and used by anyone to gain full access to the accounts of about 4 million Vodafone customers.
Professor Michael Fraser, the head of the Australian Communications Law Centre at the University of Technology, Sydney, said that it appeared to be a major breach of the company's privacy obligations and ''unbelievably slack security''.
''The fact you can look up anybody as easily as that seems to be a gross breach of privacy and resulting in an almost negligent exposure to criminal activity,'' said Professor Fraser, who also heads the Australian Communications Consumer Action Network.
A spokesman for Vodafone said yesterday the company had ordered an immediate investigation and review of security procedures.
''Customer information is accessed through a secure web portal, accessible to authorised employees and dealers via a secure login and password,'' he said.
''Any unauthorised access to the portal will be taken very seriously, and would constitute a breach of employment or dealer agreement and possibly a criminal offence.
''We will be conducting a thorough investigation of the matter with our internal security experts and will refer the matter to the Australian Federal Police if appropriate.''
He said all passwords would be reset, and training and other procedures would be reviewed.
The revelations come as Vodafone is facing potential lawsuits and widespread customer dissatisfaction with network access.
More than 9000 customers have joined a class action and the company has set up a number of taskforces to try to fix the problems.
In this new saga for Vodafone, dealers have revealed that they are frequently asked to do ''favours'' and to pass on their login details.
Because the customer database is not an intranet (internal company system) and instead on the internet, users with a password can log in to the portal from anywhere, then access any customer's information.
Vodafone retailers have said each store has a user name and password for the system. That access is shared by staff and every three months it is changed. Other mobile dealers who sell Vodafone products also get full access to the database.
Anyone with full access can look up a customer's bills and make changes to accounts. Limited access allows searching by name, which takes much longer and is more involved but can be just as effective when done correctly. ''It's scary stuff in the wrong hands,'' one dealer told this website.
Australian Privacy Commissioner Timothy Pilgrim said all organisations should take appropriate steps to secure the personal information of their customers or they risked breaching the Privacy Act.
''If an individual believes their privacy has been interfered with they should first contact the organisation responsible and if they are not satisfied with their response they can make a complaint to our office,'' Mr Pilgrim said.
He has backed the federal government's intention to give his office extra powers to impose penalties should he find a breach of the act.