Vodafone has attempted to hose down concern about alleged data leaks by sending an e-mail to its customers stating their information, including credit card details, remains encrypted and secure.
In an e-mail titled "important information for our customers", Vodafone's director of customer service and experience Cormac Hodgkinson stated the company takes data security and storage of personal information "extremely seriously".
"We are conducting a full investigation into the alleged incident, and as a priority, can assure you that your information is not publicly available on the internet and your personal credit card details are encrypted, secure and cannot be viewed by store staff," Hodgkinson wrote.
The "alleged incident" came to light this week when media reports claimed Vodafone customer data had been leaked and was publically available over the internet.
Among the allegations was Vodafone staff were being bribed into providing customer information, including credit card details, to people outside the organisation.
In a Q&A style format, Vodafone's message to customers was that all is well and the allegations are being investigated.
"Are my personal details publicly available on the internet?" Hodgkinson asked. "Contrary to media reports, customer information is not ‘publicly available on the internet’. Customer information is stored on Vodafone’s internal systems and accessed through a secure Web portal, accessible to authorised personnel via a secure login and password.
"Are my credit card details publicly available on the internet? No. Customers’ credit card details are encrypted and secure within our systems and cannot be viewed by store staff."
What is Vodafone doing about the alleged incident?
"As soon as we became aware of the alleged incident on Saturday, 8 January 2011, we commenced an investigation, which is ongoing," Hodgkinson wrote.
"We have reset all passwords, and we will continue to reset passwords to our systems every 24 hours, while we examine all security procedures and protocols."
Vodafone also disclosed it is now liaising with the Privacy Commissioner, the ACMA and "other government agencies".
If a customer believes there has been a breach of their privacy they are advised to contact Vodafone and "click for more information".
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.