The Next Data Breach Will Be at Telstra

Due largely to Optus’s mistakes, the phrase “data breach” has entered common parlance in Australia during the past several weeks. But now, evidence have emerged of another data breach hitting the Aussie telco sector — this time, it’s Telstra and it is workers who are at danger.

Telstra apparently sent out a note to colleagues over the weekend warning them of the data leak, which was initially brought to our notice by The Australian. Telstra has already verified the incident, stating to Gizmodo Australia that “limited” employee data from 2017 was exposed in the data breach that affected a third party. It is believed that a third party managed Telstra’s employee awards programme.

With their names and email addresses posted on what is thought to have been the same forum as the Optus customer data, the data breach is estimated to have affected about 30,000 current and past employees. 12,800 of the identities that were disclosed were still associated with Telstra, according to news.com.au.

Telstra stated that the leaked data was not highly personal and made it clear that it was not at fault for the data breach.

To be clear, no Telstra systems were violated, the spokeswoman stated.

The only information that was disclosed was the complete names and email addresses that users used to register on the platform.

The spokesman further reaffirmed that no consumer account information was exposed.

The representative stated, “We assume it was released quickly in an effort to capitalise on the Optus intrusion.” The appropriate authorities have been informed, current workers have been informed, and while former employees are not at significant danger due to the data, we will make an effort to let them know as well.

Optus

Optus said on September 22 that it had been the target of a cyberattack. Optus has not yet provided an analysis of what precisely occurred, but we do know that information on current and previous customers, including name, address, and date of birth, as well as, occasionally, information from driver’s licences, passports, and Medicare, is at danger.

According to sources with knowledge of the incident, up to 72,000 current and former employees from 15 different companies that used the platform had their names and email addresses stolen back in 2017. However, the majority of these users, who were no longer current employees, accessed the platform using their work emails, according to the sources. The data was taken five years ago, but it wasn’t until recently that it was made available online.