Overview

• The unauthorized access occurred on August 16 to iiNet’s order management platform used to create and track customer orders.
• About 10,000 names with street addresses and phone numbers, plus roughly 1,700 modem setup passwords, were also taken.
• The company says no credit, banking or identity documents were exposed because the affected system does not store that information.
• iiNet has engaged external cyber specialists, notified the ACSC, the National Office of Cyber Security, the ASD and the OAIC, and says its investigation continues.
• Affected customers are being contacted and urged to watch for suspicious emails, texts or calls, with the disclosure following earlier iiNet/TPG security incidents in 2022 and 2015.