Australia’s TPG Telecom this week announced that a threat actor has gained unauthorized access to a service hosting the email accounts of 15,000 customers.
The second largest telecommunications company in the country, TPG Telecom was formerly known as Vodafone Hutchison Australia, but was renamed after its merger with TPG.
On Wednesday, the company announced that unauthorized access to a hosted Exchange service was identified during a forensic review.
“TPG Telecom’s external cyber security advisers, Mandiant, advised that they found evidence of unauthorized access to a Hosted Exchange service which hosts email accounts for up to 15,000 iiNet and Westnet business customers,” the wireless carrier announced.
The company claims that the attackers were searching for customer’s cryptocurrency and financial data, but did not specify whether customer information was indeed accessed during the attack.
“We apologize unreservedly to the affected iiNet and Westnet Hosted Exchange business customers. We continue to investigate the incident and any potential impact on customers and are advising customers to take necessary precautions,” TPG Telecom said.
No home or personal iiNet or Westnet products were impacted in the incident, the company says.
The wireless carrier did not share details on how the attackers gained access to the hosted service, but said that it has implemented measures to close the breach.
“The matter remains under investigation and we will be communicating with directly affected customers as more information becomes available,” the company said.
SecurityWeek has emailed TPG Telecom for additional information on the incident and will update this article when a reply arrives.
The incident is one of the many recent high-profile cyberattacks impacting Australian companies, after Singtel-owned Optus, Medibank, and a second Singtel subsidiary were hacked. In October, the country proposed tougher penalties for companies that fail to properly protect their customers’ data.
UPDATE: TPG Telecom has provided SecurityWeek the following statement:
This has impacted up to 15,000 iiNet and Westnet business customers. This incident does not affect any home or personal (residential) iiNet or Westnet products, such as broadband or mobile.
We are continuing our investigations and a forensic analysis of the incident to determine the scope and impact of this unauthorised access and so are not in a position to discuss details at this stage. We will directly communicate with affected customers as more information becomes available.
Related: Toyota Discloses Data Breach Impacting Source Code, Customer Email Addresses
Related: Retail Giant Woolworths Discloses Data Breach Impacting 2.2 Million MyDeal Customers
Related: Samsung US Says Customer Data Compromised in July Data Breach