The Australian Competition and Consumer Commission revealed that a flaw in its content management system (CMS) caused the decision to block the TPG-Vodafone merger to be leaked ahead of schedule.
The ACCC did not name its CMS, but offered the following explanation for the incident.
The information became public when, following the normal practice ahead of announcements, the information was being input into the back end of the mergers register, a third-party user sought to access the existing webpage at the precise moment it was being updated.
Instead of the new information being treated as draft content requiring internal approval, the flaw meant the content was live for eight minutes.
“We apologise unreservedly for this unfortunate and serious incident,” ACCC chief operating officer Rayne de Gruchy said.
“The ACCC has successfully managed highly market-sensitive commercial information for decades and this is the first time, to our knowledge, that a merger decision has been released in this manner.”
“We have thoroughly reviewed all of the processes and information technology systems that led to this error, and we want to assure our stakeholders this incident will not be repeated,” de Gruchy said.
CRN understands that the glitch was fixed with a patch that, in addition to preventing a recurrence of this incident, improved CMS security.
Just why the Commission was running poorly-patched software is another matter.
The decision to block the proposed $15 billion merger of TPG and Vodafone was released on 8 May 2019, one day earlier than scheduled. The ACCC justified its decision on grounds the merger would reduce competition and contestability in the mobile and fixed telephony and broadband markets.