Telecoms firm cooperates over data leak

The NBTC this week made an order to the mobile phone service brand of True Corp with regards to the recent incident involving the unauthorised access of TrueMove H’s 11,400 customers’ personal data, stored by TrueMove H partner, WeMall, on Amazon Web Services S3 cloud storage bucket. WeMall said it fixed the problem on April 12.
TrueMove H has set data security as its top priority in its business operations in strict compliance with NBTC regulations, it said. 
The NBTC last week summoned representatives of True Corp and WeMall to explain the recent findings of foreign security expert Niall Merrigan that the personal data of subscribers could be accessed without authorisation.
TrueMove H expressed “deep regret” saying it had caused considerable concern among customers about the company’s data security measures. The firm said it has taken action to take control of the situation, including seeking cooperation from WeMall in blocking access to all the affected customer data, reporting the case to the authorities, sending messages to potentially affected customers and enabling them to make free enquiries to its 1242 call centre 24 hours a day. 
TrueMove H will also take responsibility for any damage caused to the affected customers as a result of the incident, it added.
TrueMove H emphasises that this incident does not affect other customers as their personal data is stored in its internal data centres, which are strongly secured and protected in conformity with national requirements and internal measures.