By Navya Mittal and Savyata Mishra
(Reuters) – Australia’s No. 2 internet services provider TPG Telecom Ltd said on Wednesday it had been notified of unauthorised access to a hosted exchange service that hosts email accounts of upto 15,000 business customers, dragging its shares over 5%.
The incident is the latest in a series of high-profile hacks in Australia, including the country’s second-largest telecoms firm Optus owned by Singapore Telecommunications Ltd and its biggest health insurer Medibank Private Ltd, which combined compromised some 14 million customer accounts.
A report from the Australian Cyber Security Centre in November blamed the jump in attacks in majority of the incidents on inadequate software updates.
TPG said on Wednesday the “primary aim” of the threat actor was to search for customers’ cryptocurrency and financial information. Its cyber security adviser Mandiant discovered the breach during a forensic historical review.
“It does show to the world and to Australia that it is still quite easy for hackers to access customer records, which is obviously a huge negative and a lot of the other companies should definitely be wary,” said Azeem Sherrif, a market analyst at CMC Markets.
TPG said it had implemented measures to stop the unauthorised access and was contacting all customers on the exchange service affected by the incident.
Earlier in October, the country’s top telecom firm Telstra Corp Ltd reported a data breach relating to a third-party provider that exposed some historical employee details.
TPG’s shares were down 4.7%, against a 0.3% rise in the broader market.
(Reporting by Navya Mittal and Savyata Mishra in Bengaluru; Editing by Shounak Dasgupta and Uttaresh.V)