An apparently "limited" data breach at an Aussie telco giant turned out to have leaked 280,000 customer details

News
By published

Very few things about the incident seem "limited"

An image of network security icons for a network encircling a digital blue earth.
(Image credit: Shutterstock) (Image credit: Shutterstock)
  • TPG Telecom confirmed a cyberattack with the country's securities exchange agency
  • Unidentified crooks stole an employee's account login and used it to exfiltrate sensitive data
  • Customers of its iiNet sub-brand were affected

TPG Telecom, a major Australian telecommunications provider, suffered what it described as a “limited” cyberattack - however, judging by the amount of personal information stolen, that “limited” comes with quite large quotation marks.

The company issued a statement with the Australian Securities Exchange in which it reported currently investigating a cybersecurity incident when an unauthorized third party accessed its iiNet order management system - internal software tool used within the iiNet brand to create, manage, and track customer service orders.

The incident was spotted on Saturday, August 16, with the preliminary investigation showing that the origin of the breach were stolen employee account credentials. The company described the attack as “limited” since the system that was breached does not contain extensive data. However, that data still includes iiNet email addresses for some customers, iiNet landline phone numbers, contact names, contact numbers and residential addresses “for a smaller group of customers”.

Names, addresses, and phone numbers

What the iiNet order management system does not contain are copies or details of identity documents, or credit card and banking information.

The number of affected individuals is in the hundreds of thousands: 280,000 active iiNet email addresses, around 20,000 active iiNet landline phone numbers, around 10,000 iiNet user names, street addresses and phone numbers, and around 1,700 modem set-up passwords, all stolen.

This could trigger a wave of highly convincing phishing emails, voice scams, and malware / ransomware deployments through vulnerable modems. Phishing emails can lead to the compromise of banking accounts, social media accounts, and other services, and could result in identity theft, wire fraud, and more.

“We unreservedly apologise to our iiNet customers impacted by this incident,” TPG Telecom said in the announcement.

“We will be taking immediate steps to contact impacted iiNet customers, advise of any actions they should take and offer our assistance. We will also contact all non-impacted iiNet customers to confirm they have not been affected.”

There is currently no evidence of abuse in the wild.

Via The Register

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.