Personal details of Movistars customers exposed in Telefonica data breach

Tuesday 17 July 2018 10:41 CET | News

Telefonica, a large telecommunications provider, has suffered a data breach, exposing the personal and financial information for millions of Spanish users of Movistar.

The breach came to light after a Movistar user reported it to FACUA, a Spanish non-profit specialized in consumer rights protections. The user discovered that anyone with a Movistar account could view other users’ personal data, according to Bleeping Computer. The organisation says it notified Telefonica of the issue on Sunday, July 15, and FACUA announced the breach in a press conference on Monday, July 16, 11:00, local time.

FACUA says that the page for viewing Movistar invoices embedded the invoice alpha-numerical ID inside the online account URL. Any user modifying this ID could then access other users’ account data.

According to a FACUA spokesperson, the agency filed a complaint against Telefonica Spain and Telefonica Mobile with the Spanish Agency for Data Protection (AEPD), the national agency in charge of enforcing the new GDPR data protection rules.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Telefonica, data breach, Movistar, online security, fraud prevention, financial information, FACUA, Spain, Movistar
Countries: World