Overview

• TPG disclosed the incident on Tuesday after detecting the intrusion on Saturday, 16 August, and said investigations remain underway.
• Early findings indicate an attacker used stolen credentials from an employee to enter iiNet’s order management system.
• Extracted records include about 280,000 active email addresses, around 20,000 landline numbers, roughly 10,000 usernames with street addresses and phone numbers, and about 1,700 modem setup passwords, plus some inactive data.
• External cybersecurity specialists have been engaged, and federal agencies including the ACSC, NOCS, ASD and OAIC have been notified.
• Impacted customers are being contacted, a support hotline at 1300 861 036 is available, and users are urged to watch for phishing or other suspicious communications.