Hackers Breach TPG Telecoms' Email Host to Steal Client Data

Hackers Breach TPG Telecoms’ Email Host to Steal Client Data

The TGP telecom giant based in North Ryde, Australia revealed that up to 15,000 iiNet and Westnet business customers have been impacted by the breach.

TPG Telecom claims that the hackers seemed to be searching for the customers’ cryptocurrency and financial information.

On 14th December, 2022, Australia’s second-largest telecommunications company, TPG Telecom, announced that an email-hosting service used by 15,000 iiNet and Westnet business customers was compromised.

It is worth noting that iiNet is an Australian internet service provider (ISP) acquired by TPG in September 2015 for $1.56 billion, while Westnet is a telecom company also owned by TPG.

TPG’s cybersecurity adviser, Google-owned Mandiant, informed the company that they found evidence suggesting unauthorized access to a Hosted Exchange Service during a forensic review. 

The company reported that the hackers seemed to be searching for the customers’ cryptocurrency and financial information. Further details were not given but an investigation into the attack continues. 

In a notification (PDF), TPG Telecom said that, “We apologize unreservedly to the affected iiNet and Westnet Hosted Exchange business customers. We continue to investigate the incident and any potential impact on customers and are advising customers to take necessary precautions.”

TPG stated that it has taken steps to cut off the access for the hacker. They also confirmed that no home or personal iiNet or Westnet products were impacted in the incident. 

This news comes just days after TPG’s biggest rival Telstra published details of 130,000 customers due to a “misalignment of databases”. 

It is worth mentioning that in May 2021, Telstra was also a victim of the Avaddon ransomware gang, who gained access to tens of thousands of the company’s SIM cards.

Avaddon hackers steals SIM card data from Telstra service provider
Sample data leaked by Avaddon hackers on their website (Image credit: Hackread.com)

Australian companies have recently become a hotspot for threat actors to target due to some initial attacks on companies such as Singtel-owned Optus, Medibank and a second Singtel subsidiary which made it apparent that Australian firms had no adequate security system in place. 

Seeing an onslaught of cyber attacks targeting Australian entities, the country proposed tougher penalties for companies that failed to properly protect their customers’ data.

MORE TELECOM SECURITY NEWS

  1. Hacker extracts Canadian Telecom Firm’s data after rebuttal
  2. Spanish telecom firm MasMovil hit by Revil ransomware gang
  3. Telecom giant behind routing SMS discloses years-long breach
  4. Police arrest minor over A1 Telecom data breach, ransom demand
Related Posts