CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Email Hack Hits 15,000 Business Customers of Australian Telecoms Firm TPG

Australia’s TPG Telecom this week announced that a threat actor has gained unauthorized access to a service hosting the email accounts of 15,000 customers.

Australia’s TPG Telecom this week announced that a threat actor has gained unauthorized access to a service hosting the email accounts of 15,000 customers.

The second largest telecommunications company in the country, TPG Telecom was formerly known as Vodafone Hutchison Australia, but was renamed after its merger with TPG.

On Wednesday, the company announced that unauthorized access to a hosted Exchange service was identified during a forensic review.

“TPG Telecom’s external cyber security advisers, Mandiant, advised that they found evidence of unauthorized access to a Hosted Exchange service which hosts email accounts for up to 15,000 iiNet and Westnet business customers,” the wireless carrier announced.

The company claims that the attackers were searching for customer’s cryptocurrency and financial data, but did not specify whether customer information was indeed accessed during the attack.

“We apologize unreservedly to the affected iiNet and Westnet Hosted Exchange business customers. We continue to investigate the incident and any potential impact on customers and are advising customers to take necessary precautions,” TPG Telecom said.

No home or personal iiNet or Westnet products were impacted in the incident, the company says.

The wireless carrier did not share details on how the attackers gained access to the hosted service, but said that it has implemented measures to close the breach.

Advertisement. Scroll to continue reading.

“The matter remains under investigation and we will be communicating with directly affected customers as more information becomes available,” the company said.

SecurityWeek has emailed TPG Telecom for additional information on the incident and will update this article when a reply arrives.

The incident is one of the many recent high-profile cyberattacks impacting Australian companies, after Singtel-owned Optus, Medibank, and a second Singtel subsidiary were hacked. In October, the country proposed tougher penalties for companies that fail to properly protect their customers’ data.

UPDATE: TPG Telecom has provided SecurityWeek the following statement:

This has impacted up to 15,000 iiNet and Westnet business customers. This incident does not affect any home or personal (residential) iiNet or Westnet products, such as broadband or mobile.


We are continuing our investigations and a forensic analysis of the incident to determine the scope and impact of this unauthorised access and so are not in a position to discuss details at this stage. We will directly communicate with affected customers as more information becomes available.

Related: Toyota Discloses Data Breach Impacting Source Code, Customer Email Addresses

Related: Retail Giant Woolworths Discloses Data Breach Impacting 2.2 Million MyDeal Customers

Related: Samsung US Says Customer Data Compromised in July Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.