iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The Australian telco has paid up after failure to use customer ID authentication processes.
Australian telco giant Telstra has paid a $1,551,000 fine after an investigation by the Australian Communications and Media Authority (ACMA) found it had failed to implement customer ID authentication processes.
According to the ACMA investigation, the failure led to “168,000 high-risk customer interactions” during password reset and SIM-swapping requests.
Of those interactions, 7,000 were with customers in vulnerable circumstances.
ACMA member Samantha Yorke said that Telstra’s failure to implement the processes led to thousands of Australians being at risk of serious harm.
“When the ACMA made these rules in mid-2022, we identified that victims of mobile fraud lose $28,000 on average,” Yorke said in a statement.
“While there is no direct evidence anyone suffered losses because of these breaches, customers need to be able to trust that their telcos are protecting their accounts from fraud.”
“SIM-swap scams can be particularly devastating as victims can lose life savings as well as control of their phone number and other personal information.”
Telstra also agreed to a comprehensive two-year court-enforceable undertaking that commits the company to hire an independent consultant to review its compliance with the ACMA’s rules.
The customer ID authentication rules have reduced SIM-swapping fraud, Yorke said, with telcos required to use multifactor ID authentication methods before any action that might compromise a user’s account can proceed.
“It is unacceptable that Telstra did not have proper systems in place when the rules came into force,” Yorke said.
If you or someone you know has fallen victim to a scam, report it to Scamwatch right away.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
