Contents:
The Australian telecommunications company Telstra reveals a data breach targeting third-party platform that holds names and email addresses of its employees.
After Optus reported its own security breach this past September, this time it is Telstra`s turn to deal with the aftermath of data leakage.
Critically, there was no breach of any Telstra systems, and no customer account information was stored on the third-party platform.
Old Data Is Still Data
According to the company`s statement, the breach targeted a third-party platform called Work Life NAB which they no longer use, and the data posted on the Internet relates to a “now-obsolete Telstra employee rewards program.” It is also specified that the leaked content dates back to 2017.
Telstra did not mention the number of people affected by the event, nor when the breach occurred, but instead claimed they made the discovery a week ago and have since informed their current staff. A Reuters article points out a Telstra internal staff email disclosing the number of affected current and former employees at 30,000.
Cyber security is a team sport, and we will continue working with the third party to determine how this happened and understand any additional impacts that may arise.
Furthermore, Telstra gave reassurance that an attempt will be made to contact the former employees that might have had their information leaked.
Vulnerable Australian Telcos
Australia’s telecommunications have been on high alert since Optus confirmed that IDs of 2.1 million customers were compromised during a cyberattack. In that instance, after failing to extort the company and fearing the imminent encounter with the law enforcement, the threat actor ended up apologizing and claimed the stolen data had been deleted with no further malicious intents in sight.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, YouTube, and Instagram for more cybersecurity news and topics.