recent work

Network plugs security hole after it inadvertently provides users' numbers to websites accessed using 3G network

The Guardian has reported that mobile operator O2 has admitted it “regularly hands over subscribers’ phone numbers to sites that offer age-restricted material and premium-rate billing, whether the users realise it or not”.

The Guardian says that O2 is the UK’s second-biggest mobile network with about 27.2m subscribers, and another 2.8m using its network through Tesco Mobile, plus an unknown number on the GiffGaff SIM-only network. With smartphone penetration at around 50% that could mean that up to 15m people have been affected by the data leakage.

An ICO spokesperson said: “Keeping people’s personal information secure is a fundamental principle that sits at the heart of the Data Protection Act and the privacy and electronic communications regulations. When people visit a website via their mobile phone they would not expect their number to be made available to that website. We will now speak to O2 to remind them of their data breach notification obligations, and to better understand what has happened, before we decide how to proceed.”