Get Help

Protecting your privacy.

handy giff-staffer


If you’ve been following our forum announcements you’ll have seen that last week a serious data privacy problem was discovered that affected giffgaff members – it meant that the mobile number of giffgaff members was made available to websites in the “header” information that is passed between web servers and mobile handsets during web browsing.


The problem affected O2 and some of the partners that use its network, which is why giffgaff was affected, and after being detected on Wednesday morning it was quickly fixed by 2pm on Wednesday afternoon. However, the fault had actually been in place since 10th Jan so any web browsing that our members did since between that date and last Wednesday would have been equally vulnerable.


I’d like to reassure all our members that we take data privacy very seriously, and will be working with O2 to ensure that this problem does not re-occur. Like all companies who hold customer data we have a privacy policy that outlines what data we hold and how we use it. We also have a policy of never selling or giving your data to third parties.


The fault occurred when some maintenance work meant that mobile numbers were shared with all websites and not special, trusted sites. This has raised some alarm as it not generally known that your mobile number can be shared in this way – although it has been standard practice in the mobile industry for over 10 years and the vast majority of networks work in this way.


These trusted sites are ones that need your mobile number to either verify your identity or to bill for content – most ringtone and wallpaper sites work in this way. Our members have been debating whether mobile numbers should be made available in this way – the answer isn’t as straightforward as you might imagine since anytime you call a business without blocking your number that business could very easily log it and use it to call you back or text you (although what they could say to you is quiet restricted under data protection laws - they certainly couldn't sell your number to a 3rd party).


My personal view is that mobile number sharing on the web should use the same controls as for voice calls – so if you withhold your number it works for websites too. It would mean that some websites wouldn’t work properly, but then if you withhold your number many people you call will decline to answer. It’s about personal choice after all.


Don't worry oldyorkie, I tend to read things quite literally too.

Though after frequenting these forums as much as I do, I have got into the habit of trying to actually make sense of what is written, rather than just taking it as read. Only because everything giffgaff write on this blog seems to have a typo, or some other grammatical error in it, somewhere...


It doesn't help though, that I was once trained as a proof-reader, either... Smiley Happy

Though if there are any mistakes in anything I have typed, can I use the excuse that I was taught over ten years ago?


he he he he cheers mate... better watch out for my own typos from now on then ... I've just opened the gates haven't I? Smiley Tongue


Thanks for the update 


Just wondering are we going to get compensation cause soon all of us will be getting loads of spam

i kp gtin calld by a randum nmber since this breech :/

A quick question. This may seem dumb but what can they actually do if they get our phone numbers. Can they remove credit without us knowing or something like that or is just that me might get marketing phone calls and texts. If its the latter then its not quite as disasterous as the former. 


Can anyone enlighten me about this. 


Don't know a lot about this sort of stuff but I would imagine you'll just get irritating phone call where there's nobody on the line or some idiot saying 'Goodmorning Mam and how are you today' before they launch into their speech.  It's at this point that I ask where they got my number, what's the name of the company, what's their full name and extension number, I also tell them that they are to remove my number from their list and  that their telephone number has come up on my screen and so I'm going to report them - they usually hang up!!!!   Just proves though how a mistake can escalate into being a total pain in the backside for people!


Thanks for this enlightening update :-)


I still want compensation though. Being a frequent use of mobile internet, this is quite perpostuous!


I also want to know  - who are these 'trusted sites'? It better be able to be turned off!


They say they fixed it, but when the story first broke, I checked my header information on and it did not display my number.

I got my iphone 4s from the applestore. I put my sim in my old 3gs that I got from o2 and my number was visible in the header. Having said that, I haven't tried the 3gs since they fixed it


Well, I'd like to say thank you Mike - one for assuring us and secondly for putting up with the huge uproar created for such subject. I don't care what others say - giffgaff have a much better attitude towards this than o2. Seems they don't care, and quite frankly water down the issue. giffgaff acknowledge the issue and there's the difference.


@liamwli Compensation? Please think this through. Firstly it's not giffgaff's issue. You should go see o2. And secondly you're under 16 and so entries are looked at differently in this scenario so your privacy isn't an issue here as they can't be used against you Smiley Happy.