TPG Telecom, a prominent Australian telecommunications provider, has confirmed a cyberattack impacting its iiNet customer base. The company disclosed the incident in a statement to the Australian Securities Exchange, revealing that an unauthorized third party gained access to its iiNet order management system.

The breach, discovered on Saturday, August 16, stemmed from compromised employee account credentials. While TPG Telecom initially described the attack as “limited,” the extent of the data accessed suggests otherwise. The affected system, used for managing customer service orders within the iiNet brand, did not contain sensitive information such as identity documents or financial details. However, a significant amount of customer data was compromised.

The stolen data includes 280,000 active iiNet email addresses, approximately 20,000 active iiNet landline phone numbers, around 10,000 iiNet user names along with corresponding street addresses and phone numbers, and roughly 1,700 modem set-up passwords. This information could be exploited for phishing campaigns, voice scams, and malware distribution through vulnerable modems.

You Might Also Like
Say goodbye to subtitles as YouTube dubs videos in 9 languages
Say goodbye to subtitles as YouTube dubs videos in 9 languages
Best 4K projectors to turn your home into a movie theater
Best 4K projectors to turn your home into a movie theater
Samsung Galaxy Z Flip 6
Samsung Galaxy Z Flip 6 comes with big upgrades in a small, foldable package

TPG Telecom acknowledged the potential risks associated with the breach, including the possibility of banking account compromises, social media account takeovers, identity theft, and wire fraud. The company emphasized that there is currently no evidence of the stolen data being used maliciously.

“We unreservedly apologise to our iiNet customers impacted by this incident,” TPG Telecom stated in its announcement. As a response to the breach, TPG Telecom plans to contact both affected and unaffected iiNet customers to provide guidance and assistance. The company intends to inform impacted customers about necessary actions to mitigate potential risks and reassure unaffected customers that their data remains secure.

The incident is under investigation, and TPG Telecom is working to contain the breach and prevent future occurrences. The company’s priority is to protect its customers and maintain the integrity of its systems. The Register initially reported the breach.