Tuesday, 09 August 2022 10:00

Identity check failures cost Circles.Life $300,000

ACMA chair Nerida O'Loughlin ACMA chair Nerida O'Loughlin

Telco Circles Australia (trading as Circles.Life) has paid a $199,800 infringement notice for failing to undertake required customer identity checks.

The notice followed an ACMA investigation (which involved the Australian Cyber Security Centre) that found 1,787 contraventions of industry rules for phone number transfers using Circles.Life SIMs purchased from retail stores between August and December 2021.

As a result, ACMA said, 42 consumers experienced fraud-related issues such as compromised emails accounts and loss of access to banking accounts, with at least seven of them experiencing financial losses.

In addition to paying the infringement notice, Circles.Life has offered over $100,000 in compensation to consumers who had their services compromised by scammers who took advantage of these lapses.

Circles.Life sad it "[A]ccepts the findings including that Circles contravened the Standard (and, as a consequence, the Telecommunications Act (1997)). We regret the contravention, as we are aware of its serious nature and the potential impacts on telecommunications customers."

ACMA Chair Nerida O'Loughlin said "Since the (multi-factor identification) rules were introduced by the ACMA in 2020, there has been a significant drop in mobile fraud reported to banks and government agencies.

"It is deeply concerning that Circles.Life did not have proper processes in place for such a long period and that so many people were affected or put at risk of identity theft and fraud,.

"Combatting these types of scams requires concerted action by all telcos and one weak link exposes all consumers to harm.

"It is the customers of other telcos who have fallen victim in this case by having their number transferred to Circles.Life without their knowledge."

O'Loughlin said that while the breaches should not have occurred, Circles.Life had responded quickly once it was aware of the problem. The company implemented the required identity checks, appointed regulatory staff to oversee its activities and provided some recompense to the 42 affected consumers.

"Some of the victims have experienced significant stress due to Circles.Life's failure and we are pleased to see the company is providing recompense to acknowledge the profound emotional toll and disruption often caused by these scams."

Circles.Life Australia CEO Nicholas Demos said "In line with the Telecommunications (Mobile Number Pre-Porting Additional Identity Verification) Industry Standard 2020, we were required to implement a one-time-password verification process for all port-ins by 30 April 2020. While this was done for all online port-ins, which represent the vast majority of our business, it was not done for port-ins done through our retail channels. While other verifications and security measures were in place, it represented a vulnerability in our process and breach of the Industry Standard.

"42 customers were impacted when their numbers were ported incorrectly. All 42 numbers were returned to their rightful owners some time ago and new processes and policies have been implemented to ensure that this never happens again. In fact, within 2 weeks of becoming aware of the situation we had designed, tested and deployed a fix which closed the vulnerability permanently. This is a first for us and we are deeply sorry to our customers, and the industry, as we know this represents a loss of trust. We have an enviable record and have established telco operations in five very different countries around the world and successfully navigated five unique regulatory landscapes with their own rules, processes and legislation. We have never made an error like this before and we're committed to ensuring it never happens again."

Combating SMS and identity theft phone scams is a current ACMA compliance priority.

ACMA says anyone who thinks they have been a victim of a phone scam should contact their telco and financial institution immediately.

Scams can be reported to the Scamwatch website, and ACMA provides information about spotting and stopping phone scams here.

In addition, IDCARE can help if your identity has been compromised or stolen, and can be reached at 1800 595 160 or https://www.idcare.org/ .

Read 1337 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.

Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Stephen Withers

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News