Vodafone has dismissed “a number of staff” following the misuse of login credentials that allowed unauthorized access to a Web portal meant to be accessible only to its employees and those of its resellers. The data breach, misinterpreted as customer details being published on the Internet by a number of Australian media outlets …
I guess this article is referring to Vodafone Australia....? Not at all clear from casual reading.
since when was Vodafone "public sector"
If you provide sales staff and partner companies with external (internet) access to your system you must assume that whatever is accessible by this means will soon be exposed to more public view - and partition your data accordingly.
'stored on the internet'
That sounds like a deliberately misleading claim. Nobody ever thought they were using cloud storage, and nobody thought cloud storage was a problem.
They should have been using two-part (hardware) authentication, using smart cards for their retailers, embedded ID for laptops, and keyfob ID for the small number of strange situations where the conection couldn't be tied to a particular computer.
All of this is standard hardware. Not even special hardware, this stuff is available from High-street shops, it's not used by home users but it's already built into business laptops, it just needs configuration.
They were too cheap and careless to do it.
So now they are trying to change the subject, to take advantage of the ignorance of the press.
Before I was sorry for them. Now I'm disgusted.
- Nokia: Read our Maps, Samsung – we're HERE for the Gear
- Ofcom will not probe lesbian lizard snog in new Dr Who series
- Kaspersky backpedals on 'done nothing wrong, nothing to fear' blather
- Episode 9 BOFH: The current value of our IT ASSets? Minus eleventy-seven...
- Too slow with that iPhone refresh, Apple: Android is GOBBLING up US mobile market