Vodafone admits hacking journalist’s phone

Ayers Rock/Uluru in central Australian desert, Northern Territory. 1992.

Ayers Rock/Uluru in central Australian desert, Northern Territory. 1992.

Vodafone Australia has admitted hacking a Fairfax journalist’s phone to find out who her deep throats were inside the company.

Natalie O’Brien penned a story about how Vodafone’s Siebel data system was vulnerable to hacking, and that the data of millions of customers was available online.

The company has said that one of its employee’s hacked O’Brien’s phone records in an attempt to uncover her sources for stories. However it denies any “improper behaviour.” True, it did mislead the authorities about systemic privacy breaches, but you should trust it that it never did anything wrong.

And although O’Brien’s story implied that criminal groups were paying Vodafone for customers’ private information, that was nothing to worry about either. Glad they sorted that one out.
Writing in the Sun-Herald, O’Brien said she had been devastated by the invasion of privacy.

“It’s a creepy nauseating experience to know that someone has been trawling through your mobile phone account looking at all your call records and private text messages.

“The invasion of privacy is devasting. It plays with your mind. What was in those texts? Who were they to? What did they see? What did they do with the information?”

An internal Vodafone email, reported by the Australian, shows the company was aware of the extent of the security breaches and the potential legal and reputation damage of hacking a journalist’s phone.

However, the head of fraud management and investigations for Vodafone Group, Colin Yates, pointed out to then global corporate security director Richard Knowlton that there was a “huge risk” to the company if the hacking of O’Brien’s phone “gets into the public domain”.

“And would certainly destroy all of the work done by VHA [Vodafone Hutchison Australia] over the past months to try and restore its reputation.”

The Yates email also suggests the company covered up the extent of the Siebel security breaches from the public and industry regulators.

In a statement issued Saturday, a Vodafone spokeswoman said the company “strongly denies any allegations of improper behaviour. VHA takes its legal and corporate responsibilities very seriously”.

“Over the past four years, VHA has invested heavily in the security of its IT systems. The company has very strict controls and processes around the privacy of customer information, and has appointed a dedicated privacy officer. The privacy of our customers and protection of their information is our highest priority and we take this responsibility very seriously.”

As far as hacking a journalist’s phone goes, the company commissioned an investigation by one of Australia’s top accounting firms, which found there was no evidence VHA management had instructed the employee to access the messages. It also found that VHA staff was fully aware of their legal obligations in relation to customer information. So in other words nothing really happened so everyone can go back to bed thinking that Vodafone is a really nice company and its data is super secure..