TPG Telecom joins list of hacked Australian companies, shares slide
By Praveen Menon and Byron Kaye
(Reuters) – Internet service provider TPG Telecom Ltd became the latest Australian company to fall victim to a high-profile cyber attack, announcing on Wednesday that the emails of up to 15,000 of its business customers had been accessed.
Shares fell on the news, closing down 2.8%.
At least eight other Australian companies have gone public about the hacks since October, prompting public outrage and the government last week saying it was developing a new cyber security strategy to tackle threats. It is also considering banning the payment of ransom to cybercriminals.
TPG, Australia’s No. 2 internet provider with 7.2 million accounts, said the main goal of the hack of the hosted exchange service was to search for customers’ cryptocurrency and financial information. Its cybersecurity consultant Mandiant discovered the breach during a forensic historical review.
TPG does not hand out business account numbers, but about 29% of its pre-tax profit comes from business customers, according to its 2021 annual report.
The company said it had taken measures to stop the unauthorized access and is contacting all customers of the exchange service affected by the incident.
Other recent high-profile cyber attacks include one against telecoms firm Optus – owned by Singapore Telecommunications Ltd – which reported a data breach of up to 10 million customers while health insurer Medibank Private Ltd has said personal and significant amounts of health claims data of around 9.7 million. of current and former customers had been compromised.
A report by the Australian Cyber Security Center in November blamed flawed software updates for most major cyber attacks.
Tech experts have warned that the hacks at top companies have made Australian companies a target for copycat attacks, just as a lack of skills leaves them understaffed and ill-equipped to stop it.
The attack on TPG “shows the world and Australia that it’s still quite easy for hackers to gain access to customer records, which is obviously a huge negative and a lot of the other companies should definitely be on their guard,” said Azeem Sherrif, a market analyst at CMC Markets.
Australia ranked equal first in the world for companies that reported their biggest cyber security challenge was finding people with the necessary skills, said Michael Mestrovich, chief information security officer at cyber security firm Rubrik.
“This shortage of skilled cybersecurity talent has real consequences,” he said.
(Reporting by Praveen Menon and Byron Kaye in Sydney; Additional reporting by Savyata Mishra and Navya Mittal in Bengaluru; Editing by Edwina Gibbs)