
Malaysia blogger discovers major glitch in Maxis online billing platform that accesses random accounts

When blogger Arsyan decided to access his phone bill online, he discovered a major glitch in the telco’s online platform that led him to random accounts of other subscribers whenever he logged into his account.

Wrote Arsyan,

So today, I was logging in my Maxis account and I found that it has logged me on a different account. And each time I logout, and re-login, it will bring me to another new account. And I’ve been seeing other people’s emails and telephone number and also be able to browse their phonebook that they backed up with Maxis. THIS IS A HUGEEEEE breach of privacy. I tweeted about it and got re-tweeted by some influential people. And later got a phone call from Caroline (their social media rep I think) demanding me to remove my screenshot due to privacy. Ok, I admit that I screenshot the phone number and email without masking it, so fine, my bad. I will now re-post the screenshot whilst masking some part of the number and names k?

Instead of calling a spade a spade, Maxis decided to hoodwink the blogger by responding that he had accessed a test account and that the details he found did not belong to a valid Maxis account holder.

From Arsyan,

Maxis doing a damage control and replied:

“MaxisListens: @arsyan @demonick As a result, customers who logged in to the portal were able to see a TEST A/C which was not a valid Maxis cust’s profile.”

But as you know, bloggers are quite the inquisitive sort. So Arsyan decided to send the “test account” an SMS, and it turned out that what Maxis said was not true.


Image from http://arsyan.com/blog/2010/10/04/maxis-billing-system-bug/

Social media moral lesson of the day – Double-check your replies on social media or they will come back to haunt you.

From a brand’s perspective, it can be quite a nuisance to see a blogger finding a major glitch in your online services that could put a dent in the brand’s reputation. But taking on the blogger with a lie isn’t a solution. It may have been a lie, though the social media respondent may simply have been misinformed.

So how should Maxis have responded?

First of all, the glitch, if left unreported or unblogged, could have resulted in more personal accounts being accessed by unknown parties. The blogger was, in fact, doing Maxis a service.

Maxis should have thanked the blogger for spotting this and informed him that a team had been put in place to remove the glitch.

Maxis should also have taken on the role of providing the blogger with updates on the team’s progress.

Next, once the glitch had been fixed, Maxis could have informed the blogger about it and also thanked him with a reward for noticing the bug and for alerting them.

From a PR perspective, Maxis should send out a release apologising for the glitch and highlighting the steps that have been taken to prevent the glitch and the remedies to ensure that such a glitch would not happen again.

Dealing with a crisis created by a blogger is no different from how you should handle a crisis with the media. After all, the blogger is the public in public relations.
