Second Singtel subsidiary breach in a month sees customer and client data leaked

Getty Photos

Telco large Singtel has confirmed that one more of its subsidiaries, Australian IT products and services agency Dialog, has been impacted in a cyber security incident.

Dialog verified that consumer details was mostly unaffected by the attack, with the only proof of the leak consequently significantly coming in the sort of employee details leaked on the net.

✔ Approved From Our Partners

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code

The business discovered suspicious action on its servers on 10 September and was resolved by means of a fast shutdown, resulting in minimal disruption, it stated.

Subsequent analysis by a 3rd-party cyber security specialist yielded nothing to recommend that details had been exfiltrated in the incident. Nonetheless, on 7 Oct the firm discovered information and facts relating to its existing and former staff members outlined on the dark web.

Failure to sufficiently secure sensitive information can consequence in crimes these as id theft, and the Business office of the Australian Data Commissioner (OAIC) can great entities up to $2.1 million (AUD) that breach its privacy laws.

“The Dialog Team (Dialog) today confirmed that the enterprise has professional a cyber security incident in which an unauthorised 3rd party may possibly have accessed corporation facts, potentially impacting fewer than 20 customers and 1,000 existing Dialog personnel as properly as former staff members,” said the enterprise in a press statement.

“We have notified the appropriate authorities and are supporting people who could be impacted to safeguard in opposition to the risk of fraudulent exercise.”

The breach marks the second attack on a Singtel subsidiary in as many months, with its main telco Optus possessing experienced a cyber attack in September.

Optus was subsequently accused of getting brought about ‘systemic ID problems’ for extra than 10 million Australians. Equivalent to the Dialog attack, no menace actor has come forward to declare credit for the incident, even though Optus details was briefly posted to a hacker forum with a ransom desire in advance of becoming pulled soon soon after.

In a assertion, Singtel denied the two functions ended up associated. 

“Dialog’s devices are totally independent from NCS, Optus, and Singtel,” it mentioned. “There is no proof there is any connection among this incident and the latest event professional by Optus.”

Singtel confirmed to the Guardian that data stolen from the corporation in a 2020 cyber attack was also posted on a hacking discussion board on 7 October. The 2020 attack had associated the facts exfiltration of 129,000 customers and 23 companies.