O2’s Bill Exposes Self

Giant mobile network O2 had to close down their online Bill Manager earlier this week after a serious security breach was exposed.

O2’s Bill Manager which allows small companies to manage their mobile bills online, suffered a coding error which made available over 600 pages of customer details.

Three months data of call spend, minutes used, and the numbers each company owned were viewable, although information was limited to existing Bill Manager users and was not available without a login.

The leaked data would have been a boon to competitors or companies looking to add to their direct marketing databases. Creation of a simple script would have allowed anyone registered to Bill Manager to download all phone numbers that calls were made to, plus the originating phone number often accompanied by the name of the user.

Bill Manager was taken down for no more than 24 hours stating "From time to time it is necessary to ‘bring down’ the website in order to upload data, commence production processes or add essential upgrades. O2 will always endeavor to minimise these times and we will do our best to make sure the site is available during peak demand periods"