In a significant security breach, iiNet, a subsidiary of TPG Telecom, has announced that customer details may have been compromised following a cyberattack on August 16. The incident involved unauthorised access to the company’s order management system, which is responsible for generating and tracking customer orders.
An internal investigation has revealed that sensitive information pertaining to approximately 280,000 customers was exposed. This includes various email addresses, landline numbers, and usernames, alongside active and inactive accounts. Additionally, the breach has reportedly affected around 10,000 customer records, which include street addresses and phone numbers, as well as 1,700 modem setup passwords.
Notably, iiNet has reassured customers that no financial information, such as credit card details or banking data, has been breached. The hackers gained access to the system by obtaining a staff member’s stolen login credentials, highlighting vulnerabilities in the existing security protocols.
TPG Telecom’s CEO, Inaki Berroeta, expressed regret over the incident, extending an apology to those affected. He confirmed that the company is actively investigating the breach to ascertain all relevant details and is committed to improving security measures. iiNet will also reach out to impacted customers to inform them about the breach and the support available.
As a precaution, customers are being advised to remain vigilant for any unusual communications claiming to be from iiNet. The company is closely monitoring the situation and is implementing measures with its incident response team to enhance security.
The ongoing investigation aims to address the implications of this attack, with iiNet ensuring that affected customers are promptly notified.