Australian media giant Fairfax went public over the weekend with dramatic claims that customer data from mobile phone company Vodafone Australia is routinely falling into the wrong hands, thanks to lax database security.
According to Fairfax, Vodafone’s customer database is accessible to all its dealers over the internet, with the result that any dealer can look up extensive amounts of personally identifiable information (PII), together with call and SMS history, for any customer.
The Sydney Morning Herald says that unscrupulous password-holders have been offering what amounts to “pay-per-view” access to customer data to third parties.
Individuals, claims the Herald, are buying information to keep track of their spouses, whilst “criminal groups [are] paying for the private information of some Vodafone customers to stand over them”. (Standover is the chillingly descriptive Australian vernacular for intimidation and extortion.)
This story is a disappointing echo of the so-called WikiLeaks “Cablegate” drama. In this case, it is claimed that a single person, with the lowly rank of PFC (Lance Corporal), was able to access, and to copy unencrypted, three decades’ worth of secret US State Department diplomatic cables.
Organisational data shouldn’t be accessible in an all-or-nothing fashion like this. It isn’t fair to the organisation, and it definitely isn’t fair to its customers.
Learn more about what you can do to avoid a “Cablegate” moment in your business in this ZDNet Patch Monday interview with Sydney’s popular “opinionated and irreverent writer, broadcaster and consultant”, Stilgherrian:
If you haven’t yet started thinking about how to divide-and-conquer your corporate data – and how to divide-and-conquer the adminstration of that data – then why not make it a 2011 New Year’s Resolution to do so?