Major Privacy Breach a “Common Practice”

The New Zealand Herald reports that rival firm Slingshot has allegedly passed on login details to access Telecom’s customer database, including names, addresses and billing details. Privacy Commissioner Marie Shroff has reportedly expressed dismay, and her office is investigating the matter. Five former employees of Slingshot’s sales contractor Power Marketing reportedly claimed that “staff accessed Telecom customer details as part of their sales business” and that this was “common practice”. According to the New Zealand Herald, credit card information was not accessible and the customer database was largely used so that Slingshot staff could try to poach Telecom customers via cold-calling.

Telecom retail chief executive Alan Gourdie has reportedly mooted contacting the police, and will “pursue this to all remedies that are available”. Assistant Privacy Commissioner Katrine Evans said that the investigation would focus on the adequacy of Telecom’s data security systems as well as Power Marketing and Slingshot’s actions in acquiring customer information.
Privacy Commissioner’s media release (19 January 2011)
New Zealand Herald: Telecom rival implicated in security breach (16 January 2011)
(Source: New Zealand Herald; Privacy Commissioner)