A recent cyberattack on TPG Telecom has reignited concerns about how safe personal information really is in the hands of major companies. What the provider initially downplayed as a “limited” incident has in fact left hundreds of thousands of customers vulnerable to online scams.
The intrusion was uncovered on August 16, when unusual activity was detected in the systems of iiNet, one of TPG’s subsidiary brands. Hackers were able to get inside by misusing stolen employee logins, which granted access to iiNet’s order management platform. This internal tool is mainly used to handle service requests, but it contained far more sensitive data than many would expect.
Investigators now estimate that the attackers walked away with:
• Roughly 280,000 email addresses linked to iiNet accounts
• Close to 20,000 landline phone numbers
• Around 10,000 customer names, addresses, and contact details
• About 1,700 modem setup credentials
Although no banking details or government ID documents were exposed, cybersecurity experts caution that this type of information is highly valuable for criminals. Email addresses and phone numbers can be exploited to craft convincing phishing campaigns, while stolen modem passwords could give attackers the chance to
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: