GENEVA - Four of Swisscom's internal data files were leaked to a top newspaper in what appears to be a criminal act, the telecommunications company said Wednesday.
Zurich daily Neue Zuercher Zeitung reported that it received the leaked electronic files a few months ago, but it wasn't clear to the newspaper exactly how they were obtained or where they originated from. The newspaper said they took the files, which were difficult to read, to experts to see what they contained.
The files included company and customer information, including 600,000 phone numbers, the newspaper known as NZZ reported, and among those were agreements between Swisscom and some of its individual and business clients. The newspaper ran a picture of one of the allegedly stolen backup "tapes," which is said were recorded between October 2008 and May 2010, but had emails from 2002 to 2008.
Swisscom, the nation's leading telecom, said it has already recovered three of the four files from the newspaper, and that the fourth one "has been returned by NZZ to its source."
The company said it is pursuing criminal charges and doing everything it can to get the fourth file back. A spokesman for the Swiss prosecutor's office that is handling the case confirmed to The Associated Press that it has opened a criminal investigation.
Swisscom said the four backup files from 2008 to 2010 contained internal data, including emails, but that it wasn't yet clear to Swisscom whether they also contained customer data and was still analyzing the three returned files.
A publicly traded company in which the government has the majority stake, Swisscom said it also has launched internal probes and notified the Swiss Federal Data Protection Commissioner. Data protection laws in Switzerland are particularly strict.
"Swisscom is doing its utmost to clarify the incident as fast as possible. It is currently assumed that it was motivated by criminal intent," the company said. "Swisscom is working on the assumption that the data tapes were taken illegally and has therefore filed criminal charges against persons unknown with the public."
The company said the type of "data carriers" that were apparently stolen have not been used by Swisscom since last year.
"Swisscom has extremely stringent regulations governing the secure and sustainable disposal of such data carriers," it said. "Data carriers are transported in a convoy with two escort vehicles before they are destroyed (shredded). External partner companies are also involved in this process."
The company says it now mostly stores its data on hard disks, which are demagnetized — and the data deleted — before they are disposed of in data centres.
© Copyright 2013