Vodafone has dismissed “a number of staff” following the misuse of login credentials that allowed unauthorized access to a Web portal meant to be accessible only to its employees and those of its resellers. The data breach, misinterpreted as customer details being published on the Internet by a number of Australian media outlets …
I guess this article is referring to Vodafone Australia....? Not at all clear from casual reading.
since when was Vodafone "public sector"
If you provide sales staff and partner companies with external (internet) access to your system you must assume that whatever is accessible by this means will soon be exposed to more public view - and partition your data accordingly.
'stored on the internet'
That sounds like a deliberately misleading claim. Nobody ever thought they were using cloud storage, and nobody thought cloud storage was a problem.
They should have been using two-part (hardware) authentication, using smart cards for their retailers, embedded ID for laptops, and keyfob ID for the small number of strange situations where the conection couldn't be tied to a particular computer.
All of this is standard hardware. Not even special hardware, this stuff is available from High-street shops, it's not used by home users but it's already built into business laptops, it just needs configuration.
They were too cheap and careless to do it.
So now they are trying to change the subject, to take advantage of the ignorance of the press.
Before I was sorry for them. Now I'm disgusted.
- Fee fie Firefox: Mozilla's lawyers probe Dell over browser install charge
- 20 Freescale staff on vanished Malaysia Airlines flight MH370
- Neil Young touts MP3 player that's no Piece of Crap
- Review Distro diaspora: Four flavours of Ubuntu unpacked
- Sysadmins and devs: Do these job descriptions make any sense?