Telstra Telecom discloses data breach impacting former and current employees

Bad news for the Australian telecommunications industry, the largest company in the country Telstra suffered a data breach.

Australia’s largest telecommunications company Telstra disclosed a data breach through a third-party supplier.

The company pointed out that its systems have not been breached, the security breach impacted a third-party supplier that previously provided a now-obsolete Telstra employee rewards program.

The data breach impacted a third-party platform called Work Life NAB, which si no longer live, that was supplied by Pegasus Group Australia (a subsidiary of MyRewards International Ltd.) to several other organisations.

It was run by Pegasus Group Australia, which is a subsidiary of MyRewards International Ltd.

Narelle Devine, the company’s chief information security officer for the Asia Pacific region, added that no customer account information was stored on the third-party platform. It seems that the security breach also impacted other companies.

Data leaked online was from 2017, it includes the names (first and last) and email addresses used to sign up for the employee rewards program.

“Information obtained as a result of a data breach at a third-party supplier, was posted on the internet. The supplier previously provided a now-obsolete Telstra employee rewards program.” reads the statement published by the company. “Critically, there was no breach of any Telstra systems, and no customer account information was stored on the third-party platform.”

According to the post published by Reuters, who had access to internal staff email sent by Telstra, the number of impacted current and former employees is 30,000.

The company is still investigating the incident and is supporting the third party to determine how the security breach happened and its extent.

Recently the second largest company in Australia, Optus confirmed that nearly 2.1 million of its current and former customers were impacted by a security breach they have suffered,

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Telstra Telecom)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.