>O2 reached out to me via email to confirm that this issue has been resolved. I have validated this information myself, and can confirm that the vulnerability does appear to be resolved.
From their statement "Our engineering teams have been working on and testing a fix for number of weeks". Can you image if a database was knowingly left unsecured for that long with data that sensitive and seemingly without telling anyone. It will be interesting to see how the ICO deal with this.
>O2 reached out to me via email to confirm that this issue has been resolved. I have validated this information myself, and can confirm that the vulnerability does appear to be resolved.