On Wednesday morning, Vodafone customers, in New Zealand using the app, were briefly able to view other customers details.
The privacy breach was due to an error with a planned upgrade to the app, thus resulting in an “unexpected caching issue” explained Meera Kaushik, spokeswoman from Vodafone.
The issue, which lasted fairly briefly, was noticed by multiple customers. When customers logged into the app during that particular period, account information belonging to other customers were displayed.
The upgrade was rolled back within 15 minutes, however the privacy of customers was impacted. Kaushik confirmed that at least three customers’ personal information was exposed in the time between the upgrade and the roll back.
Fortunately, due to Vodafone implementing the data security standards of the payment card industry (PCI), full card details were not visible.
Many users have raised concerns about how they will know if their details will be revealed, to which Vodafone have stated that they are “urgently assessing the no of people impacted and the details of that impact, as well as determining steps needed to be taken to notify those customers.”
The Privacy Commissioner has been advised, and customers have been notified.
Catch the replays and discover the best talks from Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.