Vodafone Australia is in deep hot water again over reports lax privacy standards have compromised the personal information of millions of its customers.
The private details - such as credit card details, drivers' license numbers, home addresses and call logs - of around 4 million Vodafone users are available through a freely-accessible website, the Sydney Morning Herald said on Sunday.
This site is protected only by password logins, which are made available to potentially thousands of people including employees at Vodafone retail stores and resellers, and are able to be freely passed around.
The Herald said it had learned of some criminal groups paying for access to the information, planning to use the details to extort some Vodafone customers. It also discovered instances where people have obtained logins to check up on their spouses via call logs.
Vodafone has confirmed it is investigating the alleged breaches.
Herald journalist Natalie O'Brien describes watching her own personal details, including her entire call list, her Vodafone PIN number and date of birth, be called up in seconds by someone who knew a password for the customer database.