Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Email Hack Hits 15,000 Business Customers of Australian Telecoms Firm TPG

Australia’s TPG Telecom this week announced that a threat actor has gained unauthorized access to a service hosting the email accounts of 15,000 customers.

Australia’s TPG Telecom this week announced that a threat actor has gained unauthorized access to a service hosting the email accounts of 15,000 customers.

The second largest telecommunications company in the country, TPG Telecom was formerly known as Vodafone Hutchison Australia, but was renamed after its merger with TPG.

On Wednesday, the company announced that unauthorized access to a hosted Exchange service was identified during a forensic review.

“TPG Telecom’s external cyber security advisers, Mandiant, advised that they found evidence of unauthorized access to a Hosted Exchange service which hosts email accounts for up to 15,000 iiNet and Westnet business customers,” the wireless carrier announced.

The company claims that the attackers were searching for customer’s cryptocurrency and financial data, but did not specify whether customer information was indeed accessed during the attack.

“We apologize unreservedly to the affected iiNet and Westnet Hosted Exchange business customers. We continue to investigate the incident and any potential impact on customers and are advising customers to take necessary precautions,” TPG Telecom said.

No home or personal iiNet or Westnet products were impacted in the incident, the company says.

The wireless carrier did not share details on how the attackers gained access to the hosted service, but said that it has implemented measures to close the breach.

“The matter remains under investigation and we will be communicating with directly affected customers as more information becomes available,” the company said.

SecurityWeek has emailed TPG Telecom for additional information on the incident and will update this article when a reply arrives.

The incident is one of the many recent high-profile cyberattacks impacting Australian companies, after Singtel-owned Optus, Medibank, and a second Singtel subsidiary were hacked. In October, the country proposed tougher penalties for companies that fail to properly protect their customers’ data.

UPDATE: TPG Telecom has provided SecurityWeek the following statement:

This has impacted up to 15,000 iiNet and Westnet business customers. This incident does not affect any home or personal (residential) iiNet or Westnet products, such as broadband or mobile.


We are continuing our investigations and a forensic analysis of the incident to determine the scope and impact of this unauthorised access and so are not in a position to discuss details at this stage. We will directly communicate with affected customers as more information becomes available.

Related: Toyota Discloses Data Breach Impacting Source Code, Customer Email Addresses

Related: Retail Giant Woolworths Discloses Data Breach Impacting 2.2 Million MyDeal Customers

Related: Samsung US Says Customer Data Compromised in July Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.