Australia’s second-largest internet provider, TPG Telecom, announced on Tuesday that it is investigating a cybersecurity incident affecting its iiNet system, where an unauthorized third party gained access to its order management system.
The company revealed that the breach resulted in the exposure of sensitive customer data, including 280,000 active email addresses and around 20,000 active landline phone numbers. In addition, approximately 10,000 iiNet user names, street addresses, phone numbers, and some passwords were compromised.
TPG Telecom acquired iiNet in 2020, integrating the provider into its operations to manage and track customer orders, including broadband connections. The company emphasized that the order management system does not store identity documents or banking information, and the incident is currently not believed to have affected its broader systems.
The breach appears to have been facilitated by stolen employee credentials, according to preliminary investigations. Once the unauthorized access was discovered over the weekend, TPG Telecom removed the intruder’s access and engaged external IT and cybersecurity experts to investigate the incident and bolster security measures.
The company is now working to assess the full impact of the breach, notify affected customers, and implement additional safeguards to prevent future incidents. The case underscores ongoing cybersecurity challenges facing ISPs in protecting customer data against increasingly sophisticated attacks.
In December 2022, TPG Telecom experienced a cyberattack that compromised the email accounts of up to 15,000 corporate customers. The breach affected clients using TPG’s iiNet and Westnet Hosted Exchange services, with attackers primarily targeting financial and cryptocurrency-related information. The company emphasized that personal accounts were not impacted and issued an apology to the affected business customers. An investigation revealed that the unauthorized access was discovered during a threat-hunting exercise by Mandiant, a cybersecurity firm
