Netvora logo
Submit Startup Subscribe
Home About Contact Submit Startup Subscribe

Vodafone Germany Hit with €30 Million Fine for Authentication Process Flaw

Comment

Vodafone Germany Hit with €30 Million Fine for Authentication Process Flaw

Netvora June 4, 2025 at 12:31 PM Security
Vodafone Germany Hit with €30 Million Fine for Authentication Process Flaw

Vodafone Germany Hit with €30 Million Fine for Authentication Process Flaw

By Netvora Tech News

The German Federal Office for Information Security (BfDI) has slapped Vodafone Germany with a €30 million fine due to vulnerabilities in its authentication process, which allowed unauthorized third parties to access eSIM profiles. The issues arose when using the "MeinVodafone" online portal in combination with the Vodafone hotline.

The BfDI discovered that the authentication vulnerabilities gave unauthorized third parties access to eSIM profiles, according to the agency. Further details about the specific vulnerabilities have not been disclosed.

Inadequate Control of Partner Companies

In addition to the €30 million fine, Vodafone Germany was also fined €15 million for failing to properly monitor its partner companies. These companies sell contracts on behalf of Vodafone, but the lack of effective control allowed malicious employees to engage in contract fraud at the expense of customers.

The fraudulent activities included closing fictitious contracts or modifying existing ones. According to the BfDI, Vodafone Germany has since improved its processes and systems to prevent such risks, including revising the selection and auditing of partner companies and terminating business relationships with companies involved in the fraud.

Consequences and Improvements

Vodafone Germany has taken steps to address the issues and prevent similar incidents from occurring in the future. The company has improved its authentication process and implemented additional security measures to protect customer data.

The BfDI's actions serve as a reminder of the importance of robust security measures and effective monitoring to protect sensitive customer information. Vodafone Germany's experience highlights the need for ongoing vigilance and investment in cybersecurity to safeguard consumer trust.

  • Unauthorized third parties gained access to eSIM profiles due to authentication vulnerabilities.
  • Vodafone Germany was fined €30 million for the authentication process flaw.
  • The company was also fined €15 million for inadequate control of partner companies.
  • Fraudulent activities included closing fictitious contracts or modifying existing ones.
  • Vodafone Germany has improved its processes and systems to prevent similar risks.

Comments (0)

Leave a comment

Back to homepage

You might also like