Internet provider Aussie Broadband has been slapped with a $213,000 fine for failing to add customer information to a database used to contact people in an emergency, blaming an undetected software fault for the lack of reporting.
The Australian Communications and Media Authority (ACMA) found Aussie Broadband breached the Telecommunications Act and an industry code by not updating the Integrated Public Number Database (IPND) on 30,000 occasions.
The database contains the phone numbers, names, and addresses for customers of all phone and internet service providers in Australia. It is used to send emergency notifications and by law enforcement.
ACMA Chair Nerida O’Loughlin said Aussie Broadband’s mistake could have put people at risk.
“While we are not aware anyone was harmed due to the breaches, it is alarming that Aussie Broadband did not have effective processes in place to identify that its customer information was not being provided for over six months,” she said in a statement.
“While the breaches should not have occurred, we are pleased to see Aussie Broadband moved quickly to upload the missing data once it was brought to its attention and has taken steps to comply in future.”
Aussie Broadband said the issue stemmed from a “software failure [that] was not detected as part of [its] normal compliance procedures”.
“We are deeply sorry that this software failure went undetected leading to inaccurate records in the IPND database,” the company’s Managing Director Phillip Britt said in a statement.
“Whilst we had several checks and balances in place, these did not go far enough and I’m confident that our new compliance checks will ensure this never happens again.”
Aussie Broadband said it has added extra compliance measures including redundancy, error notifications, and audits to make sure its breach of the Telecommunications Act isn't repeated.
ACMA has given the telco a ‘direction to comply’ with the IPND industry code, with failure to do so coming at a potential cost of $250,000 per breach.