Are your details at risk? 280,000 customers hit in massive data breach
- Replies 0
If you’re an iiNet customer—or know someone who is—there’s some unsettling news you need to hear.
In a recent cyber attack, the personal details of hundreds of thousands of Australians have been exposed, leaving many wondering just how safe their information really is in the digital age.
TPG, the parent company of iiNet (as well as Vodafone and Internode), has confirmed that a significant data breach has occurred, affecting around 280,000 active email addresses and approximately 20,000 landline phone numbers.
But that’s not all—another 10,000 or so iiNet user names, street addresses, and phone numbers, plus about 1,700 modem set-up passwords, were also accessed by an unknown third party.
How did this happen? Early investigations suggest that the hackers gained access by stealing the account credentials of an iiNet employee.
Once inside, they were able to extract sensitive customer information from the company’s order management system—a system used to track broadband and other service orders.
What information was exposed?
Let’s break down what was (and wasn’t) compromised:
Exposed:
- Email addresses
- Landline phone numbers
- User names
- Street addresses
- Modem set-up passwords
NOT Exposed:
- Credit card details
- Banking information
- Identification documents (like passports or driver’s licences)
TPG has been quick to reassure customers that no financial or ID documents were stored in the affected system, so those details remain safe.
How did iiNet respond?
The breach was confirmed on a Saturday, but customers and shareholders weren’t notified until the following Tuesday—a delay that has raised some eyebrows.
In a statement to the Australian Securities Exchange, TPG apologised 'unreservedly' to affected customers and promised to contact everyone impacted, offering guidance and support.
The company has since removed the unauthorised access, brought in external cybersecurity experts, and is working closely with the Australian Cyber Security Centre, the National Office of Cyber Security, and the Office of the Australian Information Commissioner.
What Should You Do If You’re an iiNet Customer?
If you’re one of the affected customers, TPG will be reaching out to you directly. In the meantime, here are some steps you can take to protect yourself:
1. Be Wary of Suspicious Emails or Calls:
Scammers may use your exposed information to try and trick you. Be extra cautious with unexpected emails or phone calls, especially those asking for further personal details or payment.
2. Change Your Passwords:
If you use the same password for multiple accounts, now’s the time to change them—especially for your email and any accounts linked to your iiNet service.
3. Monitor Your Accounts:
Keep an eye on your email and phone for any unusual activity. If you notice anything suspicious, report it to iiNet and your bank immediately.
4. Update Your Modem Password:
If you’re one of the 1,700 whose modem set-up password was exposed, change it as soon as possible to prevent unauthorised access to your home network.
If you’re an iiNet customer, keep an eye on your inbox for official communication from the company.
If you haven’t heard anything but are concerned, you can contact iiNet’s customer service for more information.
Read more: Slash your phone bills immediately: Discover which phone plan works for bigger savings!
Have you ever been caught up in a data breach? How did you handle it? Do you have any tips for staying safe online? Share your experiences and advice in the comments below!
In a recent cyber attack, the personal details of hundreds of thousands of Australians have been exposed, leaving many wondering just how safe their information really is in the digital age.
TPG, the parent company of iiNet (as well as Vodafone and Internode), has confirmed that a significant data breach has occurred, affecting around 280,000 active email addresses and approximately 20,000 landline phone numbers.
But that’s not all—another 10,000 or so iiNet user names, street addresses, and phone numbers, plus about 1,700 modem set-up passwords, were also accessed by an unknown third party.
How did this happen? Early investigations suggest that the hackers gained access by stealing the account credentials of an iiNet employee.
Once inside, they were able to extract sensitive customer information from the company’s order management system—a system used to track broadband and other service orders.
Around 280,000 iiNet customers have had their email addresses and about 20,000 their landline phone numbers exposed in a cyber attack, according to TPG. Image source: Towfiqu barbhuiya / Unsplash. Disclaimer: This is a stock image used for illustrative purposes only and does not depict the actual person, item, or event described.
What information was exposed?
Let’s break down what was (and wasn’t) compromised:
Exposed:
- Email addresses
- Landline phone numbers
- User names
- Street addresses
- Modem set-up passwords
NOT Exposed:
- Credit card details
- Banking information
- Identification documents (like passports or driver’s licences)
TPG has been quick to reassure customers that no financial or ID documents were stored in the affected system, so those details remain safe.
How did iiNet respond?
The breach was confirmed on a Saturday, but customers and shareholders weren’t notified until the following Tuesday—a delay that has raised some eyebrows.
In a statement to the Australian Securities Exchange, TPG apologised 'unreservedly' to affected customers and promised to contact everyone impacted, offering guidance and support.
The company has since removed the unauthorised access, brought in external cybersecurity experts, and is working closely with the Australian Cyber Security Centre, the National Office of Cyber Security, and the Office of the Australian Information Commissioner.
What Should You Do If You’re an iiNet Customer?
If you’re one of the affected customers, TPG will be reaching out to you directly. In the meantime, here are some steps you can take to protect yourself:
1. Be Wary of Suspicious Emails or Calls:
Scammers may use your exposed information to try and trick you. Be extra cautious with unexpected emails or phone calls, especially those asking for further personal details or payment.
2. Change Your Passwords:
If you use the same password for multiple accounts, now’s the time to change them—especially for your email and any accounts linked to your iiNet service.
3. Monitor Your Accounts:
Keep an eye on your email and phone for any unusual activity. If you notice anything suspicious, report it to iiNet and your bank immediately.
4. Update Your Modem Password:
If you’re one of the 1,700 whose modem set-up password was exposed, change it as soon as possible to prevent unauthorised access to your home network.
If you’re an iiNet customer, keep an eye on your inbox for official communication from the company.
If you haven’t heard anything but are concerned, you can contact iiNet’s customer service for more information.
Read more: Slash your phone bills immediately: Discover which phone plan works for bigger savings!
Have you ever been caught up in a data breach? How did you handle it? Do you have any tips for staying safe online? Share your experiences and advice in the comments below!
