Telstra shuts down email services after security breach
- Telstra email failures continue
- BigPond services might be compromised
- Telstra to launch investigation
Telstra customers lost access to webmail and online billing over the weekend after a privacy breach forced the telco to take drastic action.
A Whirlpool user stumbled onto a Telstra database following a routine Google search and found the personal details of thousands of users were openly available.
Full names, telephone numbers, details on what type of plan customers were on and even passwords were available to anyone who accessed the website.
Hours after the post, Sydney Morning Herald journalists had reported on the breach and Telstra quickly reacted by taking down the site and disabling BigPond services that could have been compromised.
Executive director of customer service, Peter Jamieson, wrote on Telstra's blog: "I'd like to apologise to customers who may have been impacted by this issue as we understand the inconvenience it has been causing.
"However, protecting our customers' privacy has been a priority. That’s why as a precaution we disabled our BigPond email, Online Billing, BigPond Self Care and My Account functions and the team has been working around the clock to restore these services.
"We will also be resetting the passwords of around 60,000 customers whose password or user ID may have been inadvertently displayed. We are expecting the actual number of customers whose user id and/or password details were displayed to be significantly less than this."
Customers who cannot log into their BigPond accounts or need passwords reset, can contact the telco on 133 933 anytime, Mr Jamieson added.
Telstra has launched an investigation into the breach.