Security Experts:

Connect with us

Hi, what are you looking for?



Second Australia-Based Singtel Subsidiary Hacked

Hackers have attacked a second subsidiary of Singapore Telecommunications Ltd (Singtel), the company said Monday, but analysts said it appeared the Southeast Asian telecom giant was not being specifically targeted.

Hackers have attacked a second subsidiary of Singapore Telecommunications Ltd (Singtel), the company said Monday, but analysts said it appeared the Southeast Asian telecom giant was not being specifically targeted.

In a filing with the Singapore Exchange, Singtel included a statement from Dialog, an Australia-based IT services consulting company it acquired in April, confirming that “an unauthorized third party may have accessed company data”.

Dialog said “fewer than 20” of its clients and about 1,000 current and former employees may have been affected.

The unauthorised access was detected on September 10, and on October 7 it was discovered that “a very small sample of Dialog’s data, including some employee personal information, was published on the Dark Web”, the company said.

Optus, Australia’s second-biggest telecom firm and also a Singtel subsidiary, revealed last month that information on up to 9.8 million of its customers — more than a third of the country’s population — may have been compromised in a massive cyberattack.

The Optus breach, one of the largest hacks in Australia’s history, led to the theft of customers’ names, birth dates, phone numbers, addresses, driver’s licence information and passport numbers, the company said.

Singtel, which also has major investments in India, Indonesia, the Philippines and Thailand, said in a statement to AFP that “there is no evidence to suggest there is any link between this incident and the recent event experienced by Optus”.

It also pointed out that Dialog is a newly acquired company.

Professor Liu Yang from the school of computer science and engineering at Nanyang Technological University (NTU) said there was no indication that Singtel was being targeted.

“Given the prevalence of cyber-breaches, this is likely to be a coincidence rather than a deliberate attack at Singtel,” he told AFP.

“Given the recent Telstra breach, there is an increased likelihood that the attacks are targeted at the Australian infrastructure instead,” he added. Telstra is Australia’s biggest telecommunications company.

US-based cybersecurity firm Trellix said the telecom sector was the most targeted industry worldwide in the first quarter of this year, accounting for 53 percent of total ransomware detections.

Other industries such as financial services and manufacturing, which hold vast amounts of sensitive data, “are also often the key targets for malicious actors”, Jonathan Tan, managing director for Asia at Trellix, told AFP.

The one common element is that “cybercriminals are now targeting new sectors that have long slipped under the radar,” he said.

“As organisations in these sectors shore up their defences, bad actors will continue to look for easier victims that are more likely to be caught off guard.”

RelatedAustralian Police Make First Arrest in Optus Hack Probe

Written By

AFP 2023

Click to comment

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...