ZURICH (Reuters) – Data on around 800,000 Swisscom customers leaked when security at an external sales partner was breached, prompting the Swiss group to tighten access to its files, it said on Wednesday.
The breach late last year affected “non-sensitive” data such as customers’ names, addresses, telephone numbers and dates of birth. No passwords, conversations or payment data were affected, it said.
It came to light during a routine check of operations that showed unknown parties had misappropriated access rights of the unidentified sales partner to see the data.
In response, Swisscom blocked the partner’s access and adopted new policies that ban high-volume queries for all customer information and require two-factor authentication for all data access by sales partners.
Reporting by Michael Shields; Editing by Mark Potter