Telstra and BigPond customers wished that Telstra took their own advise and had some security on the Telstra Bundles RightNow web-based database that caused the privacy breach that was reported yesterday!
The database listed customers details including usernames and passwords (Screenshot below). 60,000 customers require their passwords to be changed. Unfortunately changing the passwords disconnects the customers from the Internet and requires them to contact Telstra to get the new password before they can get back online.
With so many customers affected the call wait times to contact BigPond technical support to get a new password are very lengthy. The password change is definitely warranted and I agree that Telstra has done the right thing in changing all affected customers passwords for their security, it is just a shame that security wasn't the original priority when the bundle database was open to anyone on the Internet.
Speculations from security experts and ex-Telstra employees indicate that this issue has been around for many years. Telstra first started using RightNow (the system responsible for the privacy breach) in 2006 and the lack of security was a known issue.
