Written by Team Colitco 9:23 am

iiNet Cyberattack Exposes 280,000 Customer Details Through Stolen Employee Credentials

Australian internet service provider iiNet has become the latest victim of a sophisticated cyberattack, with hackers accessing the personal details of approximately 280,000 customers through compromised employee credentials. The breach, confirmed on Saturday 16th August 2025, has sent shockwaves through Australia’s telecommunications sector as the country continues to grapple with an unprecedented wave of cyber incidents.

Parent company TPG Telecom (TPG.AX) disclosed the attack, revealing that unknown third parties had gained unauthorised access to iiNet’s order management system. The timing of the disclosure, three days after the initial discovery, has raised questions about transparency and communication protocols during cybersecurity incidents.

Scale and Scope of the Data Breach

The cybercriminals successfully extracted a comprehensive database containing around 280,000 active email addresses and roughly 20,000 active landline phone numbers, along with an unspecified number of inactive contact details. More concerning is the additional data accessed, which includes around 10,000 iiNet user names, street addresses and phone numbers and around 1,700 modem set-up passwords.

The targeted system, iiNet’s order management platform, handles customer service requests and tracks orders for NBN connections and other telecommunications services. Fortunately, the system does not contain copies or details of customer identity documents (such as passports or driver’s licences), credit card or banking information.

Early investigations suggest the attack utilised stolen account credentials from an employee, highlighting the persistent vulnerability of credential-based security systems across Australian organisations.

Swift Response and Containment Measures

Upon discovering the intrusion, iiNet immediately activated its incident response protocols and engaged external cybersecurity experts to assist with the investigation. “We have engaged external IT and cybersecurity experts to assist with our investigation,” the company stated in its official response.

TPG Telecom CEO Iñaki Berroeta issued an unreserved apology to affected customers. “We unreservedly apologise to the iiNet customers impacted by this incident. We are continuing our investigations to ensure we understand all details surrounding this incident,” Berroeta said.

The company has established a dedicated customer support hotline (1300 861 036) and is directly contacting all affected customers to provide guidance and support.

Industry Context: Australia’s Cyber Crisis Continues

This latest incident adds to a troubling pattern of cyberattacks targeting Australia’s telecommunications sector. In February 2024, Tangerine Telecom, a popular Australian telecommunications provider, experienced a data breach that exposed the personal information of 232,000 customers, while Telstra disclosed a breach affecting 47,000 customers in April 2024.

The telecommunications sector’s prominence as a target reflects its critical infrastructure status and the valuable personal data these companies manage. As recent cybersecurity reports have highlighted, Australian organisations face an increasingly sophisticated threat landscape.

Rich Atkinson, executive director of technology at Australian software firm Airteam, noted the concerning trend. “TPG, Telstra, and Tangerine Telecom have all suffered credential-based breaches, proving this attack vector continues to succeed despite industry awareness,” Atkinson observed.

Government and Regulatory Response

iiNet has reported the incident to multiple authorities, including the Australian Cyber Security Centre (ACSC), the National Office of Cyber Security (NOCS), the Office of the Australian Information Commissioner (OAIC) and other relevant authorities.

This response aligns with Australia’s mandatory data breach notification requirements, which require organisations to notify the privacy regulator of eligible data breaches within 72 hours of becoming aware of them.

The breach comes as Australia’s cybersecurity landscape faces unprecedented challenges, with the Australian Signals Directorate reporting that cyber incidents occur approximately every six minutes.

Customer Protection and Recommended Actions

Cybersecurity experts are urging iiNet customers to remain vigilant against potential phishing and social engineering attacks. The exposed email addresses and phone numbers create opportunities for sophisticated scam campaigns that may appear to originate from legitimate sources.

Customers should follow these essential security measures:

  • Verify all communications independently by calling iiNet directly on 1300 861 036 rather than responding to unsolicited emails or text messages
  • Be alert to phishing attempts that reference personal information potentially obtained in the breach
  • Monitor account activities closely for any unauthorised changes or suspicious behaviour
  • Update passwords for any accounts that share credentials with iiNet services

The company has emphasised that it will never contact customers to ask for their username or password, urging customers to treat any such requests as fraudulent.
