O2 apologizes for 'unintended' number-leak cockup
Will cooperate with Information Commissioner's probe
O2 has issued a public apology for leaking the phone numbers of some 3G customers in header information sent to website managers.
“We would like to apologize for the concern we have caused,” the company said in a statement.
The cellco said it was standard industry practice to send out user’s phone number information in this way to “certain trusted partners”, (as El Reg has pointed out) but blamed a botched maintenance job on January 10 for the data spillage. O2 said it had plugged the leak as of 14:00 GMT Wednesday.
“Technical changes we implemented as part of routine maintenance had the unintended effect of making it possible in certain circumstances for website owners to see the mobile numbers of those browsing their site,” it explained.
The UK's Information Commissioner is looking into the incident, and O2 said it had been in contact and would cooperate fully with any inquiry. It has also made a call to Ofcom to offer what one would assume to be a grovelling apology.
The problem occurred with O2 bundling in phone numbers of 3G users to websites that were visited – but this didn’t affect Wi-Fi users. The number appeared in an x-up-calling-line-id line and was storable by the site, although there are no reports yet of anyone being contacted. ®
Sponsored: Global DDoS threat landscape report