Germany Fines Vodafone €45M Over Security Failures and Fraud
The network operator Vodafone has been sentenced to a fine of 45 million euros by the federal data protection officer for the fraudulent behavior of its sales partners and massive security problems.
Two fines of 45 million euros
The Federal Data Protection Officer Louisa Specht-Remenschneider has occupied Vodafone with two fines, each with 15 and 30 million euros. One punishment was imposed because Vodafone did not adequately control the activities of external sales agencies, while they tried to bring contracts to the man or woman with illegal practices.
Among other things, the external partners are said to have put on contracts that customers had not concluded. Vodafone said that data protection in the company enjoys a high priority and apologized for the systems and measures that were not sufficient at the time of the violations of the requirements of the data protection authorities.
Gaps enabled access to ESIM profiles
The second fine was imposed because Vodafone had some security gaps in his customer portal Meinvodafone. Due to an insufficient protection, these enabled people to access ESIM profiles from customers, which resulted in the risk that Vodafone customers could be stored by SIM swapping data. According to Specht-Remenschneider, the penance imposed with Vodafone is the highest punishment that its authority has previously pronounced.
During the investigation by the federal data protectionists, Vodafone always cooperated and provided information, even when it came to issues that may have had negative consequences for the company, it said. Vodafone has already paid the fine fully and also donated several million euros to organizations that are not mentioned in more detail that are committed to data protection, said Specht-Remenschneider.
