Data Leaks Plague Vodafone, German Regulator Slaps 45 Million Euro Fine
Recommendation for a policy on securing laborers against perils from radioactive material exposure is sought from the Commission, including a proposed directive.
In the heart of Bonn, the German Federal Commissioner for Data Protection and Freedom of Information, Louisa Specht-Riemenschneider, unveiled a jaw-dropping announcement. Vodafone, a leading telecommunications company, has had to shell out a whopping 45 million euros in fines due to data protection lapses. This penalty, the largest ever handed out by her office, followed two separate incidents of data mismanagement.
Cutthroat Contracts and J фишy Partner Deals
The main reason behind the fine stems from underhanded practices by Vodafone's partner agency employees. These foul play activities included the creation of phony contracts that the victims themselves hadn't agreed to. Vodafone was slapped with a 15 million euro fine for not adequately supervising its partners. The data commissioner also alerted the company about potential weaknesses in certain sales systems.
An additional fine of 30 million euros was levied due to a lack of security measures in the joint use of the "MeinVodafone" online portal and the company's hotline. Cybercriminals were able to exploit vulnerabilities in these platforms, allowing unauthorized access to electronic SIM profiles and ultimately taking control of the affected users' mobile profiles. As these phone numbers are commonly used for internet services verifications, this enabled further fraudulent activities.
Fishing for Trouble and Hack Attacks
Vodafone suspects that customer passwords were stolen through phishing scams, where fraudsters posed as Vodafone representatives to obtain passwords, or through hacking.
Investigations into partner companies' illegal activities, including fake contracts, have been underway since 2021. The data protection authorities have been delving into the issues surrounding electronic SIM cards since 2022 and 2023.
unblocked cooperation with Data Protection Authority
Vodafone has acknowledged the fines and already paid up, according to Specht-Riemenschneider. "I’d like to highlight that Vodafone has been cooperative throughout the entire process, providing full disclosure about the incidents that incriminated the company."
The company has made improvements to its processes and systems, tightened rules for partner agency collaborations, and cut ties with partners implicated in deceitful activities. The authority will continue to assess the effectiveness of these measures.
Vodafone: New Security Standards and Hefty Donations to Data Protection Advocates
The company has expressed regret for the harm caused to its customers. Significant changes have taken place, such as stricter guidelines, enhanced partner monitoring, and improved security measures, including stronger customer authentication and smarter handling of sensitive customer data. Vodafone has also donated several million euros to organizations advocating for data protection.
- The fines levied against Vodafone, amounting to 45 million euros, were a result of breaches in data protection, poor business practices, and insufficient technology safety measures, as stated by the German Federal Commissioner for Data Protection and Freedom of Information.
- In an effort to rectify their mistakes and strengthen data protection, Vodafone has implemented new security standards, tightened rules for partner agency collaborations, and made sizeable donations to organizations advocating for data protection, as revealed by the company.
