Hackers Sift through 15,000 Exchange Email Accounts Hosted by TGP Telecom Looking for Crypto

Hackers have compromised the email accounts of more than 15,000 TPG Telecom customers in Australia, according to an investigation that uncovered the intrusion.

Most of the time, data breaches are detected quickly. Companies and security researchers can often determine whether a data breach occurred shortly after the information hits the dark web.

Unlike more common attacks aimed at the general collection of personal information, criminals had a very specific goal when they breached TPG Telecom. They went after cryptocurrency and financial information that might be stored in emails.

“On 13 December 2022, TPG Telecom’s external cyber security adviser, Mandiant, advised that they found evidence of unauthorised access to a Hosted Exchange service which hosts email accounts forup to 15,000 iiNet and Westnet business customers,” said the company in a press release.

“We have implemented measures to stop the unauthorised access, further security measures have been put in place, and we are in the process of contacting all affected customers on the Hosted Exchange service. We have notified the relevant government authorities,” the company added.

There’s no indication if the attackers did anything else with the access they had gained, and TGP Telemcom says that home or personal iiNet or Westnet products were not affected by the breach.

The information that’s missing from the press release is the date of the breach, as TGP only acknowledged that the intrusion was discovered during a routine inspection of older data.

TGP Telecom will begin informing affected users as more data becomes available.