Protecting our customers’ data is one of our top priorities. On our Group website, under “Data protection and data security,” we provide regular – daily, in some cases – information about our commitment in this area.
Although we take a wide range of preventive measures, we cannot completely prevent data breaches. In 2022, we recorded a total of 165 data breaches in Germany. We investigated 102 of these breaches as a result of customer complaints, and four as a result of complaints of supervisory authorities. All in all, some 1 214 customers were affected by the data breaches. In none of the cases did the breach amount to a critical violation.
We participate in various projects aimed at continually improving data privacy and data security. The following are just a few examples of our recent activities during the reporting period.
In 2020, we joined with the software company SAP to develop our contact tracing app, the Corona-Warn-App. It informs users in Germany and several other countries about possible contact with people infected with the coronavirus. Even before development of the app began, the underlying data protection and security concept for it was discussed intensively. To ensure a maximum level of protection for personal data, the German government decided that storage of such data should be decentralized. This means that personal data remain on the user’s own cell phone – they are not stored centrally in the system. This concept has paid off: In Germany alone, the app has been installed as often as all other similar apps, combined, have been installed in other European countries. It is considered one of the most successful tracing apps used during the pandemic worldwide.
International cooperation for cybersecurity We have been a member of the “Cyber Security Sharing & Analytics” (CSSA) association since 2014. The association provides a technical and organizational framework via which members’ experts can share sensitive information securely – and thereby interact with and support each other.
Knocking out botnets An international comparison shows that Deutsche Telekom AG is a leader, among network operators in Europe, in the area of detection and suppression of botnets. Botnets are illicit networks of hijacked devices, created for various criminal purposes. The bigger a botnet is, the greater its cyberattack impacts can be. To keep hackers from controlling hijacked devices within a botnet, Deutsche Telekom Security GmbH experts analyze the botnet’s structures and suppress communications with its controlling servers. Botnets have frequently hijacked devices of our customers. In over 475 000 instances in 2022, we informed customers of botnet problems and helped them remove bots from their devices.
Uncovering stolen identities Our “fraud scouts” (experts from the Deutsche Telekom security team) use a special application to search the world wide web and the dark web for identities stolen from our customers. When they find such identities, we warn the relevant customers and help them address the problem. If necessary, we block affected accounts. We also inform our customers in connection with other types of security incidents, such as “smishing” (sending of fraudulent text messages (SMS)), malware infections of mobile devices and spamming. In 2022, we provided such warnings about 670 000 times. When our customers require assistance, they are welcome to contact our specially trained customer advisers.
Smart can also be safe and transparent We not only want to comply with legal guidelines, we also want to actively ensure that our customers’ data is protected. To do so, we continue to enhance technical standards, and promote maximum transparency.
For example, with our “VoiceID” (“SprachID”) service, we do not save a customer’s voice file. Instead, we save a mathematical pattern that is calculated from characteristics in the voice. The original voice – and the customer behind it – cannot be identified via such a pattern.
Strengthening trust in the cloud Since September 2021, T-Systems has been a member of the “EU Cloud Code of Conduct General Assembly” of SCOPE Europe, an association for the development of a common regulatory framework for the digital economy. With this membership, we express our commitment to the “EU Cloud Code of Conduct,” the first cloud-services standard to be accepted by European data protection authorities. T-Systems now structures all of its cloud services accordingly.
For information about other projects, please refer to our CR facts.
Protecting our customers’ data is one of our top priorities. On our Group website, under “Data protection and data security,” we provide regular – daily, in some cases – information about our commitment in this area.
Although we take a wide range of preventive measures, we cannot completely prevent data breaches. In 2022, we recorded a total of 165 data breaches in Germany. We investigated 102 of these breaches as a result of customer complaints, and four as a result of complaints of supervisory authorities. All in all, some 1 214 customers were affected by the data breaches. In none of the cases did the breach amount to a critical violation.
We participate in various projects aimed at continually improving data privacy and data security. The following are just a few examples of our recent activities during the reporting period.
In 2020, we joined with the software company SAP to develop our contact tracing app, the Corona-Warn-App
. It informs users in Germany and several other countries about possible contact with people infected with the coronavirus. Even before development of the app began, the underlying data protection and security concept for it was discussed intensively. To ensure a maximum level of protection for personal data, the German government decided that storage of such data should be decentralized. This means that personal data remain on the user’s own cell phone – they are not stored centrally in the system. This concept has paid off: In Germany alone, the app has been installed as often as all other similar apps, combined, have been installed in other European countries. It is considered one of the most successful tracing apps used during the pandemic worldwide.
International cooperation for cybersecurity
We have been a member of the “Cyber Security Sharing & Analytics” (CSSA) association since 2014. The association provides a technical and organizational framework via which members’ experts can share sensitive information securely – and thereby interact with and support each other.
Knocking out botnets
An international comparison shows that Deutsche Telekom AG is a leader, among network operators in Europe, in the area of detection and suppression of botnets. Botnets are illicit networks of hijacked devices, created for various criminal purposes. The bigger a botnet is, the greater its cyberattack impacts can be. To keep hackers from controlling hijacked devices within a botnet, Deutsche Telekom Security GmbH experts analyze the botnet’s structures and suppress communications with its controlling servers. Botnets have frequently hijacked devices of our customers. In over 475 000 instances in 2022, we informed customers of botnet problems and helped them remove bots from their devices.
Uncovering stolen identities
” (sending of fraudulent text messages (SMS)), malware infections of mobile devices and spamming. In 2022, we provided such warnings about 670 000 times. When our customers require assistance, they are welcome to contact our specially trained customer advisers.
Our “fraud scouts” (experts from the Deutsche Telekom security team) use a special application to search the world wide web and the dark web for identities stolen from our customers. When they find such identities, we warn the relevant customers and help them address the problem. If necessary, we block affected accounts. We also inform our customers in connection with other types of security incidents, such as “smishing
Smart can also be safe and transparent
We not only want to comply with legal guidelines, we also want to actively ensure that our customers’ data is protected. To do so, we continue to enhance technical standards, and promote maximum transparency.
For example, with our “VoiceID” (“SprachID”) service, we do not save a customer’s voice file. Instead, we save a mathematical pattern that is calculated from characteristics in the voice. The original voice – and the customer behind it – cannot be identified via such a pattern.
Strengthening trust in the cloud
Since September 2021, T-Systems has been a member of the “EU Cloud Code of Conduct General Assembly” of SCOPE Europe, an association for the development of a common regulatory framework for the digital economy. With this membership, we express our commitment to the “EU Cloud Code of Conduct,” the first cloud-services standard to be accepted by European data protection authorities. T-Systems now structures all of its cloud services accordingly.
For information about other projects, please refer to our CR facts.
Reporting against standardsSustainability Accounting Standards Board (SASB)