MWeb Business accounts were compromised yesterday in a hacking incident that saw the integrity of usernames and passwords affected.
MWeb says fewer than 1 000 accounts were compromised. It explains that access was gained to Internet Solutions' (IS's) self-service management system that MWeb Business uses to provision and manage business accounts that have not yet been migrated to the MWeb network.
“The compromised accounts are the only MWeb Business customer accounts that have not yet been migrated to MWeb's own IPC network following its launch in April.”
The service provider explains that historically MWeb Business re-sold IS's uncapped and fixed IP ADSL services, which were provisioned and managed by MWeb, using a Web-based management interface provided by IS.
“All new business ADSL services provisioned after April, as well as the bulk of legacy services already migrated, use MWeb's internal authentication systems, which were completely unaffected by this incident.”
Andre Joubert, GM of MWeb Business, says the integrity of personal or private data related to the accounts remains intact, as do the access credentials for each customer's bundled on-site router.
He adds that MWeb took immediate action to ascertain the extent of the compromise and to limit any damage that might have been caused. It is in the process of contacting all affected customers to advise them their passwords are being changed remotely.
“MWeb is working with Internet Solutions to investigate the nature and source of the compromise and to ensure it does not recur,” says the company.
Trust betrayed?
A 2009 Nokia Siemens Consumer Privacy Survey of SA placed MWeb in a top position in terms of being a trusted telecoms player in the Internet service provider market.
The survey listed Telkom as the most trusted, scoring a possible 6.9 points out of 10. MWeb placed second, with a score of 6.4, and Vodacom third, with a score of 6.2.
Local consumers place privacy high on their list of priorities when selecting which telecoms company to use, with 90% claiming to be selective about whom they share their personal data with and why, says Jorg Erlemeier, head of Nokia Siemens Networks' Middle East Africa region.
Erlemeier pointed to the survey, which indicated that 89% of local consumers see privacy as an important topic and 87% are concerned about privacy violations.
Industry players must join forces with customers, partners, governments and other important constituencies on a road map for creating a trusted Internet, says Adrienne Hall, GM of Microsoft Trustworthy Computing.
“The time to do this is now,” she adds. “Some serious issues, such as botnets, spam and ID theft, have served to focus people's attention on security and privacy issues. Some important discussions, such as how to achieve more security and more privacy instead of trading one for the other, have led to new thinking about how we can create a more secure and privacy-enhanced Internet.”
Share