TPG Telecom has disclosed a breach in its hosted exchange service. The breach is believed to affect up to 15,000 of its business customers.
In a statement issued to the ASX, TPG said that on December 13, its external cybersecurity advisers, Mandiant, found evidence of unauthorised access to a Hosted Exchange service. This Hosted Exchange service hosts email accounts for up to 15,000 iiNet and Westnet business customers.
“Based on the preliminary analysis undertaken to date it appears the primary aim of the threat actor was to search for customers’ cryptocurrency and financial information,” TPG said.
TPG said it is investigating the breach and any potential impact the incident may have on customers, but it’s also advising customers to “take necessary precautions”.
“We apologise unreservedly to the affected iiNet and Westnet Hosted Exchange business customers,” TPG continued.
TPG confirmed that the breach does not affect any home or personal iiNet or Westnet products, such as broadband or mobile.
As part of Mandiant’s “ongoing engagement to assist with cyber protection”, TPG said the cyber firm conducted a forensic historical review and discovered the unauthorised access to the Hosted Exchange service.
“We have implemented measures to stop the unauthorised access, further security measures have been put in place, and we are in the process of contacting all affected customers on the Hosted Exchange service,” TPG’s statement on the incident continued.
TPG has also notified the relevant government authorities and said that while the matter remains under investigation, it will be communicating with directly affected customers as more information becomes available.
Although a proper analysis is yet to be performed, the TPG incident is just the latest in a string of cyber-related breaches experienced in the second half of this year. Reports emerged earlier this week that a ‘misalignment of databases’ resulted in the details of some of Telstra’s unlisted customers being made available via directory assistance or the White Pages. It followed the telco in early October admitting that a third party it uses for its staff rewards program had suffered a breach, with “limited” Telstra employee information from 2017 affected by the incident. And, of course, the Optus data breach is the big one.