ZDNet | Security

Optus disables My Account site after users complain of privacy breach

Optus has confirmed that its My Account website is back up and running after temporarily disabling access following complaints from users that they were seeing the wrong customer information after logging in.

According to Optus, it disabled the site “as a precaution”.

“Optus is aware some customers reported seeing incorrect information when activating their Prepaid service, and when logging into My Account to pay their bill yesterday,” an Optus spokesperson said on Friday.

“The Optus My Account website is now operational, and Optus is working with our third-party vendors to identify the cause of yesterday’s issue.”

Optus added that it will be contacting any customers who might have been impacted.

As first reported by ABC on Thursday, Optus customers tweeted about seeing other customers’ information after logging into Optus My Account.

“Yo someone tell @optus some s*** is going down with My Account. Page refreshes every 2 seconds and when I managed to click into my account (chrome auto fills my deets) I was Vladimir? Yea i ain’t Vladimir,” one customer tweeted.

According to ABC, one customer said they saw someone else’s name, phone number, and account number, while others reported seeing phishing emails purporting to be from Optus.

The potential data breach follows Optus last week being fined AU$10 million by the Federal Court of Australia after it admitted to misleading consumers and breaching the ASIC Act for its third-party billing practices.

The telco admitted to having knowledge from as early as April 2014 that customers were being billed for direct carrier billing (DCB) services that they had unknowingly or mistakenly signed up for.

Optus also failed to develop “appropriate identity verification safeguards” despite receiving more than 600,000 enquiries, the Australian Competition and Consumer Commission (ACCC) said.

It has already paid AU$8 million in refunds to around 240,000 customers, with third-party providers paying a further AU$13 million in refunds to Optus customers. The telco is also required to contact any customers who may have been impacted by its conduct.

As of December 31, Optus had 10.2 million mobile customers — 5.6 million post-paid, 3.5 million prepaid, and 1.2 million mobile broadband — after adding 295,000 over the last year.

Optus now has 7,242 4G mobile sites covering 97.2 percent of the population, after launching over 140 new sites during the most recent quarter.

Earlier this week, Optus also switched on its fourth 5G mobile tower, with 50 sites due to be online by March to provide coverage to 60 suburbs.

Optus plans to have 1,200 5G mobile sites live by March 2020 across New South Wales, Victoria, Queensland, the Australian Capital Territory, South Australia, and Western Australia, and expects to see 5G phones in the May/June window.

The telco on Thursday announced a profit drop of AU$147 million year on year for the nine-month period to the end of December, falling to AU$431 million, with the telco citing lower National Broadband Network (NBN) migration payments.

Underlying net profit also dropped by 15 percent to AU$488 million, while earnings before interest, tax, depreciation, and amortisation (EBITDA) decreased by 3.4 percent from just over AU$2 billion to AU$1.95 billion.

Despite this, Optus said it has “strong sales momentum”, with operating revenue up 5.2 percent to AU$6.8 billion and Optus CEO Allen Lew pointing to growth across mobile subscribers and the launch of its commercial 5G service.

“We are proud to be first in market with a 5G home broadband service,” Lew said.

“Our customers can continue to expect more innovation, entertainment services, value-added solutions including cybersecurity, and game-changing customer experiences in the future.”

For the nine months to December 31, mobile revenue was up from AU$3.8 billion to AU$4.3 billion.

Related Coverage

Optus also blames NBN for profit drop

Optus has announced a nine-month net profit of AU$431 million and EBITDA of almost AU$2 billion on revenue of AU$6.8 billion.

Ericsson to build 50 Optus 5G sites

Optus has revealed that in addition to Nokia, it is also working with Ericsson across its 5G launches.

Optus 5G Home Broadband goes live in Canberra and Sydney

Optus is expecting to deliver its 5G Home Broadband service to customers across 50 sites in NSW, Victoria, Queensland, the ACT, South Australia, and Western Australia in the second quarter of 2019.

Optus cops AU$10m penalty for misleading customers

The Federal Court has levelled a AU$10 million penalty on Optus for misleading customers over third-party billing services, with the telco also already paying another AU$8 million in refunds.

READ MORE HERE