Australia’s TPG Telecom says up to 15,000 e-mail accounts of business customers hacked

The hack was an attempt to access customers’ cryptocurrency and financial information, TPG said. PHOTO: ST FILE

SYDNEY - Internet service provider TPG Telecom became the latest Australian company to fall victim to a high-profile cyber attack, announcing on Wednesday that the e-mails of up to 15,000 of its corporate customers had been accessed.

Its shares fell on the news, closing down 2.8 per cent.

At least eight other Australian companies have gone public about hacks since October, prompting public outrage and the government to say last week that it is developing a new cyber-security strategy to tackle threats. It is also considering banning the payment of ransom to cyber criminals.

TPG, Australia’s No. 2 Internet service provider with 7.2 million accounts, said the primary aim of the hack of the hosted exchange service was to search for customers’ cryptocurrency and financial information. Its cyber-security adviser Mandiant found the breach during a forensic historical review.

TPG does not break out corporate account numbers, but about 29 per cent of its pre-tax profit comes from corporate customers, according to its 2021 annual report.

The company said it had implemented measures to stop the unauthorised access and was contacting all customers on the exchange service affected by the incident.

Other recent high-profile cyber attacks include one on telecoms firm Optus – owned by Singtel – which reported a data breach of up to 10 million customers, while health insurer Medibank has said personal and significant amounts of health claims data of around 9.7 million of current and former customers had been compromised.

A report from the Australian Cyber Security Centre in November blamed inadequate software updates for the majority of major cyber attacks.

Technology experts have warned that the hacks on top corporates have made Australian companies a target for copycat attacks just as a skills shortage leaves them understaffed and ill-equipped to stop it.

The attack on TPG “does show to the world and to Australia that it is still quite easy for hackers to access customer records, which is obviously a huge negative and a lot of the other companies should definitely be wary”, said Mr Azeem Sherrif, a market analyst at CMC Markets.

Australia ranked equal-first in the world for companies reporting that their biggest cyber-security challenge was finding people with the necessary skills, said Mr Michael Mestrovich, chief information security officer at cyber-security firm Rubrik.

“This lack of skilled cyber-security talent has real-world impacts,” he added. REUTERS

Join ST's Telegram channel and get the latest breaking news delivered to you.