An EE buyer has stated she was stalked by an ex-partner who labored on the agency, after he accessed her private information with out permission.
Francesca Bonafede’s quantity was switched to a brand new handset and her deal with and financial institution particulars had been accessed.
She stated the corporate didn’t take the information breach severely and he or she needed to contain police.
EE “sincerely apologised” to Ms Bonafede, and stated the worker not labored for the corporate.
‘They did not appear involved’
Ms Bonafede, from London, informed the BBC’s Victoria Derbyshire programme she first contacted EE in February 2018 after her telephone out of the blue stopped working.
After 5 days with no sign, she was informed somebody had visited an EE store, requested a brand new Sim card and switched the account to a brand new handset.
When the decision centre handler learn out the brand new deal with registered on the system, she recognised it as that of her ex-partner – who labored at one of many agency’s Excessive Avenue shops.
It might have meant all texts and calls made to her throughout that interval would have gone to him.
“The agent simply did not appear involved in any respect,” she stated.
“I saved asking to talk to a supervisor who might give me extra concrete data, and I used to be at all times informed no-one was accessible.”
Ms Bonafede doesn’t know for certain why her ex-partner needed to entry her account information, however thinks it could have been associated to official paperwork for which he was making use of.
She stated the person referred to as and texted her “countless occasions” in an try to steer her to withdraw the criticism, and turned up unannounced along with his associates on a number of events at her new deal with.
“It was actually distressing and I needed to go to the police and inform them what was occurring,” she stated.
“They requested me repeatedly what EE was doing about all this and I simply needed to say, ‘truly, I haven’t got a clue as a result of they do not preserve me up to date’.
“The one means he might have recognized about my new deal with was by way of the information breach, as a result of we broke up fairly a very long time earlier than that.”
Ms Bonafede’s ex-partner was finally arrested and given a harassment warning by police earlier than the contact stopped.
Regardless of being given assurances that EE would examine, she stated it was not till she began publically tweeting about the issue that the corporate began taking it severely.
“I spent numerous hours on the police station and missed days at work,” she stated. “He had entry to every thing: my type code, my account quantity, a photocopy of my driver’s licence.
“It did put me in danger and I really feel all clients ought to understand how poorly one thing like this shall be dealt with if there’s a information breach on their account.
“It was a whole breach of belief. I do not belief the way in which they dealt with my information in any respect.”
Inner insurance policies ‘not adopted’
An EE spokesman stated its personal inside insurance policies weren’t adopted on this case.
“This matter has been handled internally and the worker concerned not works for us,” he stated.
“Whereas we labored shortly to guard Francesca, we apologise for not preserving her knowledgeable of the actions that we took throughout this time.”
The Info Commissioner’s Workplace stated that below the Knowledge Safety Act and GDPR it was “unlawful for people to entry private information with out authorisation”.
It stated there was additionally an obligation for firms to make sure information was managed securely, and defend “towards unauthorised or illegal processing and towards unintentional loss, destruction or injury”.