Australian Telecom Company Telstra Hit by Data Breach That Exposed 30k Employees

Australia’s largest telecommunications company, Telstra, announced that it was hit by a minor (my emphasis) data breach on October 4, 2022. The breach revealed basic information about 30,000 Telstra employees, according to an internal staff email obtained by the local media, but it didn’t expose customer account data.

The data breach occurred just 2 weeks after Telstra’s main competitor, Optus, suffered a massive data breach that may have exposed nearly 10 million Australians. The leaked employee data appeared on the same forum where 10,000 customer records were leaked from the Optus attack.

Telstra insists that its systems haven’t been breached and that customer data is safe. The company said it notified all its current employees and is attempting to contact all former employees that may have been affected.

On High Alert After Optus Cyberattack

The Australian government and telecommunications sectors have been keeping a watchful eye since the massive Optus breach that exposed millions of addresses, passport numbers, and driver’s licenses. 

Telstra is a large company that hosts nearly 19 million customer accounts. Fortunately, Telstra’s breach seems to be less severe. So far, it only exposed a list of employee’s names and email addresses, and none of the company’s customers seem to have been affected. The only platform that was affected is a third-party system, Work Life NAB, that contained past and present employee data. This system is no longer active, but it was also used by several other companies. According to a spokesperson:

None of our customers’ banking or financial information has been breached or compromised. The data released is five years old and is very basic, such as names and emails, and we believe there is minimal risk. It is not a Telstra data breach, it has nothing to do with our systems or networks.

Not much information about the attack is known, other than the use of data scraping. This technique is often used with the hope of finding valuable information from old or publicly available data. The company spokesperson said without much detail:

We believe it’s been made available now in an attempt to profit from the Optus breach.

The Telstra breach may be related to the Optus attack, but that hasn’t been confirmed yet.  

How to Protect Yourself From a Data Breach

If you suspect your data and identity are at risk, you should take precautionary measures. Even if some of your information, like your name or email, has been compromised, you can still take several steps to protect yourself from cyberattacks. Here’s what you can do:

  1. Change all of your passwords immediately. Don’t use weak passwords and never use the same one for all of your accounts.
  2. Use two-factor authentication for all of your online accounts. This alone will significantly lower the chances of being hacked.
  3. Watch out for phishing scams. Phishing emails are extremely common and they’re used to steal your data or money. Never click on suspicious links you don’t recognize.
  4. Don’t reveal too much information about yourself on social media platforms. Hackers can use that data against you.
  5. Get a powerful VPN that encrypts your connection on all devices. Use CyberGhost VPN to protect your identity with military-grade encryption and connect to any public network without worrying about hackers.

Telstra is still trying to figure out if anyone else may have been affected by the data breach. If you’re a customer, keep an eye out for official updates and report any suspicious emails you may receive from people claiming to be Telstra employees.   

Leave a comment

Write a comment

Your email address will not be published. Required fields are marked*