TPG Telecom claims that the hackers seemed to be searching for the customers’ cryptocurrency and financial information.
On 14th December, 2022, Australia’s second-largest telecommunications company, TPG Telecom, announced that an email-hosting service used by 15,000 iiNet and Westnet business customers was compromised.
It is worth noting that iiNet is an Australian internet service provider (ISP) acquired by TPG in September 2015 for $1.56 billion, while Westnet is a telecom company also owned by TPG.
TPG’s cybersecurity adviser, Google-owned Mandiant, informed the company that they found evidence suggesting unauthorized access to a Hosted Exchange Service during a forensic review.
The company reported that the hackers seemed to be searching for the customers’ cryptocurrency and financial information. Further details were not given but an investigation into the attack continues.
In a notification (PDF), TPG Telecom said that, “We apologize unreservedly to the affected iiNet and Westnet Hosted Exchange business customers. We continue to investigate the incident and any potential impact on customers and are advising customers to take necessary precautions.”
TPG stated that it has taken steps to cut off the access for the hacker. They also confirmed that no home or personal iiNet or Westnet products were impacted in the incident.
This news comes just days after TPG’s biggest rival Telstra published details of 130,000 customers due to a “misalignment of databases”.
It is worth mentioning that in May 2021, Telstra was also a victim of the Avaddon ransomware gang, who gained access to tens of thousands of the company’s SIM cards.
Australian companies have recently become a hotspot for threat actors to target due to some initial attacks on companies such as Singtel-owned Optus, Medibank and a second Singtel subsidiary which made it apparent that Australian firms had no adequate security system in place.
Seeing an onslaught of cyber attacks targeting Australian entities, the country proposed tougher penalties for companies that failed to properly protect their customers’ data.