The German telecommunications giant admitted on Saturday, Oct. 11, that it was aware of holes in its security system that provided access to bank account numbers and other personal information of some 30 million Telekom mobile phone users.
The company had no indication of a possible theft of the information.
Telekom's customer data systems were freely accessible and open to manipulation after entering a simple username and password, weekly German newsmagazine Der Spiegel reported in its edition to be released on Monday.
The security lapses were dealt with on Thursday and new measures, including the use of unique transaction codes, was put in place as part of a new privacy protection program, a spokesman said on Saturday. The move comes after the former monopoly revealed personal information about 17 million mobile phone customers was stolen two years ago.
Presented on Friday by Telekom head Rene Obermann, the plan calls the company to inform the public about "critical data protection incidents" under investigation.
Critics: New privacy plan not enough
Der Spiegel reported that Telekom had not patched the new security holes it found until reporters confronted the company for comment.
Telekom critics said Telekom's security measures didn't go far enough in protecting consumer's privacy.
Silke Stokar of the Greens told the daily Frankfurter Rundschau said the company should be legally required to inform customers about privacy issues rather than doing so on a voluntary basis. She added that new regulations should also require Telekom to be more transparent about to whom it provides customer information.
T-Mobile supervisory board member Ado Wilhelm said he didn't think Telekom's plan to set up a data protection department would help ensure customers' privacy.
"I doubt that's going to help or solve any problems," he told the paper.