TPG Telecom, one of Australia’s largest mobile voice and data solutions providers, is investigating a cybersecurity incident impacting its iiNet brand.
The company revealed on Tuesday that it had detected unauthorized access to a management system designed for creating and tracking orders for iiNet services, including broadband.
The compromised system stores names, email addresses, phone numbers, and residential addresses. More sensitive data such as payment card information, banking information, or identity document copies are not stored on the hacked system.
“At this time, the unauthorised access appears to have been contained to the iiNet order management system,” TPG Telecom said. “Early investigations suggest the unauthorised access was gained using stolen account credentials from one employee.”
The investigation is ongoing, but the company has determined that the hackers have exfiltrated email addresses, phone numbers and other types of data from the compromised system.
The analysis conducted to date found that roughly 280,000 active iiNet email addresses and 20,000 active iiNet landline phone numbers, as well as inactive phone numbers and email addresses have been stolen.
The hackers also accessed approximately 10,000 iiNet usernames, physical addresses and phone numbers, as well as 1,700 modem setup passwords.
“We do not currently have any evidence to suggest an impact to our broader systems or other customers,” TPG said.
Related: 230k Individuals Impacted by Data Breach at Australian Telco Tangerine
Related: Connex Credit Union Data Breach Impacts 172,000 People
Related: Manpower Says Data Breach Stemming From Ransomware Attack Impacts 140,000
Related: Workday Data Breach Bears Signs of Widespread Salesforce Hack
