- TPG Telecom has confirmed a cyber attack with the country’s titles exchange agency
- Unidentified crooks stole the connection of an employee’s account and used it to exfiltrate sensitive data
- The customers of his Iinet sub-brand have been assigned
TPG Telecom, a large Australian telecommunications supplier, suffered what he described as a “limited” cyber attack – however, judging by the quantity of stolen personal information, which “limited” is delivered with fairly large quotes.
The company has published a declaration with the Australian Securities Exchange in which it said that it currently investigated an cybersecurity incident when an unauthorized third party has access to its IINET command management system – internal software tool used in the Iinet brand to create, manage and follow customer service orders.
The incident was spotted on Saturday August 16, the preliminary investigation showing that the origin of the violation was identification information of the stolen employees account. The company has described the attack as “limited” because the system which has been violated does not contain in -depth data. However, this data still includes Iinet email addresses for some customers, Inet fixed telephone numbers, contact names, contact numbers and residential addresses “for a smaller group of customers”.
Names, addresses and phone numbers
What the IINET command management system does not contain, these are copies or details of identity documents, or credit card and banking information.
The number of individuals affected is in hundreds of thousands: 280,000 active Iinet email addresses, around 20,000 Landline Iinet Iinet Active telephone numbers, around 10,000 Iinet user names, street addresses and telephone numbers, and around 1,700 MoDem configuration passwords, all stolen.
This could trigger a wave of very convincing phishing emails, vocal scams and deployments of malware / ransomware via vulnerable modems. Phishing emails can lead to the compromise of bank accounts, social media accounts and other services, and can cause identity theft, wire fraud, etc.
“We apologize without reservation to our Iinet customers affected by this incident,” said TPG Telecom in the ad.
“We will take immediate measures to contact Iinet Intés impacted customers, advise all the actions they should take and offer our aid. We will also contact all Iinet customers not impacted to confirm that they have not been affected. ”
There is currently no evidence of abuse in nature.
Via The register
