TPG said that hackers used stolen employee credentials to access iiNet’s order management system on Saturday, stealing a cache of customer contact information and passwords.

The strike comes as former Prime Minister and cyber security adviser Malcolm Turnbull lambasted a culture of complacency for fuelling high-profile cyber attacks — including those on super funds and Qantas — urging directors and executives to be more hands-on in protecting Australians.

Tyler McGee, McAffee’s Asia Pacific boss, warned iiNet customers to be on alert for fraud and other crime.

“The iiNet data breach underscores the persistent and evolving nature of cyber threats facing Australia. From healthcare and finance to retail and tech, attackers are constantly looking for weak spots to exploit, knowing how valuable this consumer data is,” Mr McGee said.

“Cybe rcriminals will take this treasure trove of sensitive information and use to impersonate people and commit fraud with stolen identities, or they will package up and sell personal data on the dark web to the highest bidder, all of this results in consumers

needing to be more cautious about who has access to their data and the proactive steps people can take to identify and stop scams, identity theft, and other online threats.”

TPG chief executive Inaki Berroeta said: “We unreservedly apologise to the iiNet customers impacted by this incident”.

“We are continuing our investigations to ensure we understand all details surrounding this incident. We will begin contacting customers to make them aware of the incident, apologise and provide details on the support available.”

iiNet joins a growing list of companies including Qantas and Medibank that have been targeted by hackers, and is the second big telco to be hit after cyber criminals stole almost 10 million customer records from Optus in late 2022.

TPG said that it took immediate action following the breach.

“Upon confirmation of this incident on Saturday, 16 August, we enacted our incident response plan, began work to ensure the security of the system and to determine what occurred. We have engaged external IT and cyber security experts to assist with our response to the incident.

“Our teams have been working around the clock to understand the full scope of customer data affected by this breach, and how this might impact them.

“We are making direct contact with affected customers to inform them of this incident, and to provide support and guidance on what to do next.”

TPG said based on the current evidence from its forensic experts, “most of this data is of a non-identifying nature and used to authenticate and activate orders for iiNet services”.

“The list contained around 280,000 active iiNet email addresses and around 20,000 active iiNet landline phone numbers, plus inactive email addresses and numbers. In addition, around 10,000 iiNet user names, street addresses and phone numbers and around 1700 modem set-up passwords, appear to have been accessed.

“We can confirm no credit, banking or financial information have been compromised. No driver’s license numbers, ID documentation details, or bank account details were disclosed as a result of this incident.”

TPG said it was working with the Australian Cyber Security Centre, the National Office of Cyber Security, the Australian Signals Directorate, the Office of the Australian Information Commissioner and other relevant authorities.

It urged customers to remain vigilant, especially to any suspicious communications received via email, text or phone call.

“We have set up a dedicated hotline at 1300 861 036 so customers can reach us if they have any concerns. A dedicated information page on our website has also been established to provide the latest updates about the incident.”

More Coverage

Qantas reveals extent of personal data targeted by hacker

Robyn Ironside

Originally published as iiNet latest Aussie company to be hit by hackers