Telecommunications giant TPG has revealed an email-hosting service used by up to 15,000 iiNet and Westnet business customers has been breached, with the hacker looking for cryptocurrency and other financial information.
TPG said in a release to the Australian Securities Exchange (ASX) on Wednesday that cybersecurity firm Mandiant had found evidence of unauthorised access to a Hosted Exchange service used by iiNet and Westnet business customers.
A Hosted Exchange service is a Microsoft product that is operated by iiNet and Westnet to provide email services to customers – typically as part of a bundle of business or home broadband services.
TPG said initial analysis of the activity on the service showed the aim of the threat actor was to search for customers’ cryptocurrency and financial information.
The company has not said what might have been obtained in the attack, but an investigation is under way and affected customers will be advised.
TPG told the ASX the breach did not affect mobile or broadband services, and access has been cut off for the attacker.
“We have implemented measures to stop the unauthorised access, further security measures have been put in place, and we are in the process of contacting all affected customers on the Hosted Exchange service,” the company said. “We have notified the relevant government authorities.”
On Monday, TPG’s biggest rival Telstra reported that a “misalignment of databases” had resulted in the details of up to 130,000 unlisted customers being made available via directory assistance or the White Pages.
Health insurer Medibank also revealed on Wednesday that law firm Maurice Blackburn had lodged a complaint with the Office of the Australian Information Commissioner (OAIC) in relation to its cyber-attack that resulted in the personal information of 10m current and former customers being published on the dark web.
It is separate to the investigation launched by the OAIC at the start of December. Medibank said it had not been contacted about the complaint by the OAIC, but the complaint alleges Medibank has breached the Australian Privacy Principles and seeks compensation for individuals whose personal information was exposed as a consequence of the cybercrime.
“Medibank continues to support its customers from the impact of this crime through our previously announced Cyber Response Support Program which includes mental health and wellbeing support, identity protection and financial hardship measures,” a Medibank spokesperson said.