Feeds

Staff at UK mobile co sold customer records

Info Commissioner recommends jail for miscreants

Beginner's guide to SSL certificates

Updated Staff at an unnamed mobile operator have been selling customer details to the competition, and the Information Commissioner reckons that it will take a spell in chokey to stop the leaks.

According to the BBC, a T-Mobile spokesman has confirmed that T-Mobile is the company in question. The spokesman tells the BBC that the company alerted the Information Commission, saying that the data was sold "without our knowledge."

Customers numbering "many thousands" have had their details - including contract-renewal dates - lifted by staff working at the operator in question and sold to agents, who then cold-call the customers to offer alternative contracts. But the Information Commissioner complains that fining the ne'er-do-wells isn't enough, and suggests that locking them away is the only language they'll understand.

The details come as part of the Commissioner's ongoing campaign in favour of government proposals to introduce a prison term for those in breach of the Data Protection Act. This demonstrates that it's not just banks and doctors who have commercially-valuable information that can be stolen by individuals employed by the company.

In this case, it was enough information for a broker to call up just before a contract expires and offer an alternative, for which the brokers have apparently paid "substantial amounts of money". So much money, according to the Commissioner, that the threat of a fine is simply ineffective:

"The existing paltry fines... are simply not enough to deter people from engaging in this lucrative criminal activity. The threat of jail, not fines, will prove a stronger deterrent."

Given the number of cold calls received by every mobile phone user in the UK it would be tempting to think the information wasn't that valuable - but we don't know exactly what other information could have been exposed. Plus there is also an obvious principle at stake.

Strengthening Section 55 of the Data Protection Act could make it riskier for journalists to find information, though apparently we'll get a "public interest" defence to go with the new custodial sentences. ®

Updated: This story has been updated to include mention of the BBC's story on the matter.

Secure remote control for conventional and virtual desktops

More from The Register

next story
Of COURSE Stephen Elop's to blame for Nokia woes, says author
'Google did have some unique propositions for Nokia'
FCC, Google cast eye over millimetre wireless
The smaller the wave, the bigger 5G's chances of success
It's even GRIMMER up North after MEGA SKY BROADBAND OUTAGE
By 'eck! Eccles cake production thrown into jeopardy
Mobile coverage on trains really is pants
You thought it was just *insert your provider here*, but now we have numbers
Don't mess with Texas ('cos it's getting Google Fiber and you're not)
A bit late, but company says 1Gbps Austin network almost ready to compete with AT&T
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.