A bit more news in the continuing saga of the Vodafone Australia massive data breach. According to the Sydney Morning Herald, Vodafone has fired several of its staff in connection with the data breach and contacted the NSW police.
The Morning Herald article goes on to state that Vodafone refuses to say how many staff were sacked or in which part of the organization they worked for.
The Morning Herald says that Vodafone will continue to change on a daily basis the password to its customer system web portal; previously the company changed it only once a month which was one reason given for the breach.
The situation is looking less and less like that "one-off breach" that Vodafone's CEO Nigel Dew claimed when the breach became public.
In related news, the law firm Piper Alderman now has 15,000 Vodafone customers interested in joining a class action lawsuit against Vodafone for its poor service. It was about 9,000 ten days ago.
And apparently, the Australian Privacy Commissioner who is investigating Vodafone over the data breach, can't fine the company for breaking Australian privacy laws. The Morning Herald says that, "under current laws the commissioner cannot fine companies if the agency instigates its own investigation."
Look for that law to be changed in the wake of this breach.
Robert N. Charette is a Contributing Editor to IEEE Spectrum and an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.