The BBC yesterday reported that T-Mobile has informed the UK Information Commissioner that company employees had illegally sold millions of records relating to thousands of British T-Mobile phone owners to data brokers for "substantial sums." The brokers in turn sold the information which contained contract details to other phone companies, who then cold-called T-Mobile customers as their contracts were expiring.
According to this story in the London Telegraph, T-Mobile said it had alerted the Information Commissioner's Office (ICO) about the illegal sales and had been asked to keep quiet about the incident to help avoid prejudicing an investigation. T-Mobile said it was surprised when the incident was disclosed yesterday by the BBC.
Fines in Britain for breaching of the Data Protection Act amount to only £5,000.
T-Mobile said the actions by its employees was "deeply regrettable" and that "T-Mobile takes the protection of customer information seriously."
A press release by the ICO on the incident can be found here.
In what the company hoped would be seen as good news, this week T-Mobile resumed the sale of its Sidekick smartphone. Sales of the Sidekick had been halted last month because of a massive loss of customer data due to a server problem.
This latest incident isn't likely to increase consumer confidence in T-Mobile, which took a hit over October's contretemps.
Robert N. Charette is a Contributing Editor to IEEE Spectrum and an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.
