O2 has apologised after it was revealed it had exposed the mobile phone numbers of customers who browse the internet on its network.
The operator was criticised today [25 January] after the potential breach was discovered. In a statement this afternoon, O2 said: 'We investigated, identified and fixed it this afternoon. We would like to apologise for the concern we have caused.'
O2 blamed technical changes it implemented as part of routine maintenance for the breach, which lasted between 10 January and 2pm today (25 January).The operator said it was in contact with the Information Commissioner's office and had also contacted the regulator Ofcom. A spokesperson for the Information Commissioner said: 'We have received a number of complaints and we are looking into these. Clearly this was something of a surprise and we need to better understand what has happened before we decide how to proceed.' He added that he believed this was the first instance of this happening.
The company said there were some instances where it would share a user's mobile number, but it would only be with 'selected trusted partners' in order to manage age verification, enable third party companies to bill for premium content or identify customers using O2 services like Priority Moments.
The breach was discovered this morning by Lewis Peckover, a web systems administrator. He set up a test website to display the information sent to a website when it is visited on a mobile phone. The information sent typically helps optimise the site according to what browser a customer is using. However, in the case of O2 customers using 3G or WAP, they could see their own phone number displayed on the webpage.