Media Authority – Michmutters
Categories
Business

Phone company Circles. Life fined $300k by telco regulator over customer breaches

A telco company has been slapped with a $300,000 fine because it exposed nearly 2000 Australians to potential scammers.

Circles Australia Pty Limited, trading as Circles.Life, must pay a $199,800 infringement notice as well as $100,000 in compensation to fraud victims.

On Tuesday morning, the telco regulator, the Australian Communications and Media Authority’s (ACMA), announced the hefty costs.

Circles.Life breached the rules for phone number transfers a whopping 1,787 times when it sold SIM cards in retail stores between August and December 2021, according to the regulator.

The phone company was found to have failed to properly check the identity of purchasers, which meant cyber criminals then “took advantage of these lapses”.

As a result, 42 consumers experienced “fraud-related issues” which included their email and bank accounts being breached.

Of those, at least seven lost money to scammers.

The costly penalty is part of the ACMA’s broader crackdown on the telco industry, after implementing sweeping changes last month to combat phone scams which are on the rise.

The phone company should have adhered to multi-factor identification rules, according to ACMA Chair Nerida O’Loughlin.

“It is deeply concerning that Circles.Life did not have proper processes in place for such a long period and that so many people were affected or put at risk of identity theft and fraud,” she said.

“Combating these types of scams requires concerted action by all telcos and one weak link exposes all consumers to harm.

“It is the customers of other telcos who have fallen victim in this case by having their number transferred to Circles.Life without their knowledge.”

The ACMA also added that while the breaches should not have occurred, Circles.Life “responded quickly” when they realized the extent of the problem.

News.com.au has contacted Circles.Life for comment.

In a statement, the company said it had protocols in place for a one-time password verification for online port-ins, but the same rules didn’t apply for SIMs purchased at brick and mortar stores.

In April, the ACMA announced that phone companies will need stronger customer identity checks for “high-risk transactions” like SIM swaps, account changes or switching providers.

The new requirements, called the Telecommunications Service Provider (Customer Identity Authentication) Determination 2022, came into effect on June 30.

Since then, telcos must use multi-factor authentication of their customers’ identities such as confirming personal information and responding with a one-time code, similar to how banks operate. Before the changes, telcos mostly only required a customer’s name, phone number, date of birth and address to authorize a change.

The ACMA warned that noncompliance can lead to “strong action” including “pursuit of significant civil penalties” like in the case of Circles.Life and also potential Federal Court proceedings.

News.com.au has extensively reported on a particularly ominous phone scam known as a SIM swap hack in the past.

A SIM swap hack is when a cyber criminal ports – or re-routes – the victim’s mobile number onto their own phone, allowing them to intercept text messages and reset passwords to things like bank accounts.

In many cases, scammers were able to do so by impersonating the customer to their telco provider, then convincing the company to switch the SIM card over to an eSIM card.

Often the scammers will transfer the phone number to another provider to make it harder for victims to regain control of their account.

News.com.au reported on a Sydney man waking up to find $52,000 stolen from him by SIM hackers, while an Adelaide schoolteacher lost her entire life savings, $43,000, from a similar order.

Between 1 January and 30 September last year, there were at least 510 incidents of reported SIM swaps, resulting in 163 cases of financial loss, according to the ACMA.

These losses amounted to $4.68 million, with the largest single reported loss being $463,782.

Have a similar story? Get-in-touch | [email protected]

.

Categories
Business

Telstra to deregister radio sites after accusations of ‘hindering’ Optus 5G rollout

Telstra has been ordered to deregister more than 150 radio sites under a court-enforceable order, after Australia’s consumer watchdog raised concerns the company was “hindering” a rival telco’s 5G rollout.

The Australian Competition and Consumer Commission (ACCC) launched a lengthy investigation after over concerns about the telecommunication giant’s registration of 315 low-band radiocommunications sites back in January.

Low-band spectrum, such as 900MHz, can transmit over greater distances and is used by mobile network operators to provide coverage and capacity.

The ACCC probe raised concern Telstra’s regulation of the 315 sites would have “hindered” or prevented its rival Optus from deploying its 5G network, thereby preventing it from engaging in competitive conduct.

Under the court undertaking, Telstra is now required to deregister all remaining radiocommunications sites registered in the 900MHz band.

The company holds a license for parts of the 900MHz spectrum band until June 2024.

But up until January, Telstra was making little use of the spectrum and had not registered a new site since 2016.

Optus successfully bid for licenses in the low-band spectrum following an auction by the Australian Communications and Media Authority (ACMA) in December last year.

Telstra then registered the other 315 low-band radiocommunications sites.

They later deregistered 153, with 162 remaining registered.

The undertaking, agreed to by the ACCC, requires Telstra to deregister all remaining radiocommunications sites it registered with the ACMA in the 900MHz spectrum band in January 2022 which would have prevented Optus early access to the spectrum.

ACCC chair Liza Carver said the undertaking meant more Australians in regional and metropolitan areas would have access to a choice of 5G services.

“This is critical as 5G network coverage becomes an increasingly important factor in consumer choice in mobile phones and mobile plans,” she said.

“Competition is key to driving innovation and investment in new technology and providing consumers with greater choice, better quality services and lower prices.”

The new court order comes after Telstra announced it would return all of its call centers to Australia after ongoing consumer demand.

“What we heard loud and clear was that you wanted a change in the way we answered our calls, so we did it,” CEO Andrew Penn said last month.

.

Categories
Business

Telstra to deregister radio sites after accusations of ‘hindering’ Optus 5G rollout

Telstra has been ordered to deregister more than 150 radio sites under a court-enforceable order, after Australia’s consumer watchdog raised concerns the company was “hindering” a rival telco’s 5G rollout.

The Australian Competition and Consumer Commission (ACCC) launched a lengthy investigation after over concerns about the telecommunication giant’s registration of 315 low-band radiocommunications sites back in January.

Low-band spectrum, such as 900MHz, can transmit over greater distances and is used by mobile network operators to provide coverage and capacity.

The ACCC probe raised concern Telstra’s regulation of the 315 sites would have “hindered” or prevented its rival Optus from deploying its 5G network, thereby preventing it from engaging in competitive conduct.

Under the court undertaking, Telstra is now required to deregister all remaining radiocommunications sites registered in the 900MHz band.

The company holds a license for parts of the 900MHz spectrum band until June 2024.

But up until January, Telstra was making little use of the spectrum and had not registered a new site since 2016.

Optus successfully bid for licenses in the low-band spectrum following an auction by the Australian Communications and Media Authority (ACMA) in December last year.

Telstra then registered the other 315 low-band radiocommunications sites.

They later deregistered 153, with 162 remaining registered.

The undertaking, agreed to by the ACCC, requires Telstra to deregister all remaining radiocommunications sites it registered with the ACMA in the 900MHz spectrum band in January 2022 which would have prevented Optus early access to the spectrum.

ACCC chair Liza Carver said the undertaking meant more Australians in regional and metropolitan areas would have access to a choice of 5G services.

“This is critical as 5G network coverage becomes an increasingly important factor in consumer choice in mobile phones and mobile plans,” she said.

“Competition is key to driving innovation and investment in new technology and providing consumers with greater choice, better quality services and lower prices.”

The new court order comes after Telstra announced it would return all of its call centers to Australia after ongoing consumer demand.

“What we heard loud and clear was that you wanted a change in the way we answered our calls, so we did it,” CEO Andrew Penn said last month.

.