This week, an announcement was made by TPG Telecom in Australia stating that an unidentified threat actor had acquired unauthorized access to a server that hosts the email accounts of 15,000 subscribers. After Singtel-owned Optus, Medibank, and a second Singtel subsidiary were hacked, this event is one of the numerous recent high-profile hacks that have affected Australian corporations. In October, the nation recommended more stringent punishments for businesses that fail to adequately secure the personal information of their clients.
TPG Telecom was originally known as Vodafone Hutchison Australia. Following its merger with TPG, the firm changed its name to TPG Telecom and is currently the country’s second biggest provider of telecommunications services.
During the course of a forensic investigation, the firm found evidence of illegal access to a hosted Exchange service, and on Wednesday, they made the news public.
The cellular carrier did not provide any specifics on the manner in which the attackers were able to access the hosted service, but it did state that it had taken steps to secure the vulnerability that allowed the breach to occur.
The external cyber security consultants for TPG Telecom, Mandiant, have informed the company that they have discovered evidence of unauthorized access to a Hosted Exchange service. This service hosts email accounts for up to 15,000 corporate clients of iiNet and Westnet.
According to the preliminary research that has been done up to this point, it would seem that the main objective of the threat actor was to look for bitcoin and financial information belonging to consumers. The firm would like to extend an unreserved apology to all of the impacted business customers of iiNet and Westnet Hosted Exchange. It is continuing to examine the issue and any possible effect it may have on consumers, and it is asking customers to take all required safeguards in the meanwhile.
No residential or personal iiNet or Westnet products, such as internet or mobile, are impacted in any way by this event.
It has adopted steps to block the unauthorized access, further security measures have been put in place, and we are now in the process of addressing all customers who were impacted by this issue with the Hosted Exchange service. It has informed the appropriate government authorities about the situation.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.