by Matt Hawkins, 23/09/2010
It has come to my attention that Vodafone have been giving out my personal information to anyone who requests it.

On their website you can access their "Forgot My Details" page. You can then put in a phone number (or random number if you are just harvesting for spam purposes) and Vodafone will tell you the email address of the Vodafone customer with that number.

No security, no checks.

If you enter a username (or guess one), Vodafone will happily give you the email address and phone number of the customer.

Their system even allows you to guess and then verify usernames, as invalid usernames result in a different message to valid usernames. Smart!
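The difference between the behaviour described above and a recovery flow that gives nothing away, as an added Python example (not Vodafone's code; the function names, messages, sample record and rate-limit values are all constructed for illustration):

```python
import time
from collections import defaultdict, deque

# Constructed sample record; not real customer data.
CUSTOMERS = {"alice01": {"email": "alice@example.com", "phone": "07700900001"}}
OUTBOX = []                    # stand-in for an asynchronous mail queue
ATTEMPTS = defaultdict(deque)  # client id -> timestamps of recent requests
MAX_ATTEMPTS, WINDOW_SECONDS = 5, 3600  # assumed limits

GENERIC = ("If those details match an account, a reminder has been sent "
           "to its registered email address.")
THROTTLED = "Too many requests. Try again later."

def _lookup(identifier):
    """Return (username, record) for a username or phone number, else None."""
    for username, record in CUSTOMERS.items():
        if identifier in (username, record["phone"]):
            return username, record
    return None

def recover_leaky(identifier):
    """Behaviour the post describes: details are shown to whoever asks, and
    unknown identifiers get a different message (an enumeration oracle)."""
    match = _lookup(identifier)
    if match is None:
        return "Sorry, we do not recognise those details."
    username, record = match
    return f"Username {username}: email {record['email']}, phone {record['phone']}"

def recover_hardened(identifier, client_id, now=None):
    """Identical reply for known and unknown identifiers; the reminder goes
    only to the address already on file; requests per client are capped."""
    now = time.time() if now is None else now
    recent = ATTEMPTS[client_id]
    while recent and now - recent[0] > WINDOW_SECONDS:
        recent.popleft()       # forget attempts older than the window
    if len(recent) >= MAX_ATTEMPTS:
        return THROTTLED       # same text whether or not the identifier exists
    recent.append(now)
    match = _lookup(identifier)
    if match is not None:
        username, record = match
        OUTBOX.append((record["email"], f"Your username is {username}"))
    return GENERIC
```

In a real service the mail would be queued for background delivery so that response time does not reveal which identifiers matched.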

This doesn't just affect current Vodafone customers. They appear to have been hanging onto personal details of ex-customers. Some of whom left Vodafone years ago.

Does Vodafone incompetence never stop?

They clearly have a crack team of rocket scientists working on their web security. Crack as in arse crack.

The Data Protection Act clearly states that a company holding personal data must protect it and provide suitable security.

This is a clear breach.

If you are a Vodafone customer or ex-customer you could complain to the Information Commissioner's Office.

Unfortunately this organisation is a Government puppet organisation designed to white-wash breaches.

You should be aware that we cannot award you compensation or punish an organisation for breaking the law. Our main aim is to get the organisation to change the way it works so that it handles personal information properly in the future.

If you have complained to an organisation about a data protection problem and it has corrected the mistake, we are unlikely to take action.

So bugger all use given your personal details have probably already been harvested and sold.

