Vodafone acknowledged a data privacy breach following an app update. The recent update reportedly allowed customers to gain access to fellow users’ personal information.
The New Zealand Herald reports that a company spokesperson confirmed the incident. The spokesperson said, “At 7 am today, a planned upgrade to the MyVodafone app resulted in an unexpected catching issue.” Within 15 minutes of rolling out the upgrade, the program was retracted by the company and the issue instantly corrected.
The representative further said the rollback allowed some users to see personal information, albeit for a short period of time. The carrier maintains that its customer’s privacy is of utmost importance. As a result, they are “urgently assessing the number of people who were impacted and the details of the impact.”
Apart from fixing the glitch in the program, the carrier also intends to notify customers whose data were compromised.
Information seen on the app includes payment plan availed, data usage, and due payments.
Details of the Incident
Following the update on the MyVodafone mobile application, users found themselves logged in to another person’s account. In an interview with the New Zealand Herald, customer Reuben Pollock states he experienced the same incident. Following the phenomenon, Pollock immediately contacted the company.
On another side of the story, Umesh Dayal from Auckland received notices from fellow customers who obtained his data. In a statement to Stuff, the Dayal revealed that “at least half-a-dozen” individuals reached out to him. Users called Dayal on Wednesday morning, saying they obtained his details upon logging in through the MyVodafone app.
Despite a possible widespread breach, both Pollock and Dayal remain unfazed. Both believe that while the issue is widespread, the company immediately rolled out a patch for the flaw. In addition, no financial or credit information was compromised.
Dayal shared that to access other functions on the app, customers constantly needed to input their password.
Peter Murphy, another customer, disclosed that he was able to access Dayal’s account details. Besides Dayal’s personal information, Murphy reportedly accessed two other account details upon logging in back the program.
Contrary to Dayal and Pollock’s statements, Murphy believes he could easily make changes to the accounts and the data within. In the same way, Murphy had concerns about the glitch, saying his own information could be accessed by other users.
In attempts to address the incident, a business representative simply told Murphy to delete the app from his phone. Afterward, he was advised to reinstall it and enter his credentials, notes Stuff.