The employee tried to cash in by stealing and selling the data of up to 1.5 million Czech customers.
T-Mobile’s arm in the Czech Republic has uncovered an employee’s intentions to steal customer data in order to sell it on for a profit.
The former staff member tried to sell the T-Mobile customer marketing data, which was reported by MF DNES, although the firm has refused to reveal any additional information concerning the sales pitch, citing an ongoing police investigation.
In a statement, the telecommunications provider said the employee was a member of a small team which works with customer data. T-Mobile “became suspicious” of a crime being committed, firing the individual and alerting the Czech Republic’s police.
T-Mobile confirmed the issue, but while T-Mobile´s Managing Director Milan Vasina also said “there was no actual data leak and that [customer] data [is] safe,” local media reports that Martina Kemrova, a spokeswoman for the company, “acknowledge[d] that the theft and sale” of customer data.
It is unclear whether Vasina means the sale did not take place and therefore client data has been kept safe, or whether the original reports containing the spokeswoman’s comments were misquoted.
Either way, T-Mobile insists this is down to the employee’s behavior and not a system or procedure failure on the firm’s part. The company also says that the data which was stolen was only used for marketing purposes and did not contain any sensitive information such as location, traffic or user credentials.
T-Mobile does admit, however, that customers may be “approached with unsolicited marketing offers,” which, in itself, suggests the data may have ended up in the wrong hands.
“The trust and security of our customers are of key priority for us,” Vasina added. “Although we found no system failure during a thorough check, we will check the whole system again and consider the introduction of other precautionary measures if necessary.”
Working as a cyber security solutions architect, Alisa focuses on application and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.