Powering into the Australian news recently is the investigation by Fairfax media into the sale of private details of Australian customers.
A Mumbai-based security firm is asking between $350 and $1000 in exchange for the private information. And there may be several private companies selling phone records, home addresses and other private details of Australian telecommunication company customers.
What’s the risk? This information could be of use to companies engaged in corporate spying or intelligence gathering, private investigators, marketing firms and organised criminals seeking to engage in identity fraud, or to locate people.
And there is already copious amounts of information online on Facebook, twitter and other social media. We’ve all been told plenty of times not to share private information online, especially if you are on holidays and come home to find your garden gnome has been nicked! On the serious side, the recent Paris robbing of a celebrity noted the issues with public up to the minute information being available online.
However, the Mumbai-based security firm has been selling people’s personal data for several years. So whatever has been happening has been occurring for some time… maybe…
Going back to the old fear of losing data… The recent reports highlights the risks facing Australian consumers and businesses as a vast amount of personal or private data is collected and often stored offshore by service providers, financial institutions and government agencies.
The same goes with sending your Accounting clients compliance overseas. Odyssey has long held that there needs to be several levels of security in any organization. Security levels include Physical, Logical, Hardware and Software, and Legal. Legal includes the requirement that the organization complies with Australia’s privacy legislation.
It will be interesting to see where this current investigation moves. As the news report recently noted the Australian Federal police have been called to investigate the data breach, and they have provided information to Indian authorities.
At the end of the day agreements with employees often don’t hold a lot of weight in third world countries, and the temptation for lower paid workers to get ahead is significant. And once the data has been distributed and on sold it is impossible to retrieve.
Far better that you work to ensure the data is secure in the first instance.