Australian telecommunications company suffers breach, resets user passwords
Telstra BigPond - Australia's largest internet service provider - fell victim to online security threats last week which may have compromised the sensitive information of hundreds of thousands of account holders.
According to the Australian, BigPond users were denied internet access for more than 24 hours this past weekend following a company-forced shutdown of services. Telstra was alerted to a significant online security loophole late Friday when a customer discovered that a simple Google search for the customer support hotline exposed internal account data used by Telstra service agents.
The passwords, usernames and email addresses of nearly 1 million customers were potentially compromised, according to the news source, prompting Telstra to manually reset the passwords for more than 60,000 accounts.
"It might be considered over-cautious, but we'd rather be over-cautious than take risks with our customers' private details," company spokeswoman Karina Keisler told CNET.
Early speculation has suggested that a number of the passwords affected in the incident may have been company-issued credentials used in the account set up process, according to the Conversation. If these reports are true, it would suggest that customer negligence may have been a factor with users neglecting simple password organizer strategies that could have limited their risk exposure.