Telco giant Singtel has confirmed that another of its subsidiaries, Australian IT services firm Dialog, has been impacted in a cyber security incident.
Dialog confirmed that customer data was largely unaffected by the attack, with the only evidence of the leak thus far coming in the form of employee data leaked online.
The company noticed suspicious activity on its servers on 10 September and was resolved through a fast shutdown, resulting in minimal disruption, it said.
Subsequent analysis by a third-party cyber security specialist yielded nothing to suggest that data had been exfiltrated in the incident. However, on 7 October the firm discovered information relating to its current and former employees listed on the dark web.
Failure to adequately secure sensitive data can result in crimes such as identity theft, and the Office of the Australian Information Commissioner (OAIC) can fine entities up to $2.1 million (AUD) that breach its privacy laws.
“The Dialog Group (Dialog) today confirmed that the company has experienced a cyber security incident in which an unauthorised third party may have accessed company data, potentially affecting fewer than 20 clients and 1,000 current Dialog employees as well as former employees,” said the company in a press statement.
RELATED RESOURCE
Cyber security in manufacturing
The increasing cost of cyber crime means manufacturers need to adapt
“We have notified the relevant authorities and are supporting those who may be impacted to protect against the risk of fraudulent activity."
The breach marks the second attack on a Singtel subsidiary in as many months, with its major telco Optus having suffered a cyber attack in September.
Optus was subsequently accused of having caused ‘systemic ID problems’ for more than 10 million Australians. Similar to the Dialog attack, no threat actor has come forward to claim credit for the incident, though Optus data was briefly posted to a hacker forum with a ransom demand before being pulled soon after.
In a statement, Singtel denied the two events were related.
“Dialog’s systems are completely independent from NCS, Optus, and Singtel," it said. "There is no evidence there is any link between this incident and the recent event experienced by Optus.”
Singtel confirmed to the Guardian that information stolen from the company in a 2020 cyber attack was also posted on a hacking forum on 7 October. The 2020 attack had involved the data exfiltration of 129,000 customers and 23 companies.
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
ASUS, Cisco, Netgear devices exploited in ongoing Chinese hacking campaignNews Critical national infrastructure is the target of sustained attempts from state-sponsored hackers, according to Five Eyes advisories
-
Off-the-shelf ransomware is spurring a new era in the Ukraine warNews Experts agreed Russian forces could be overwhelmed, forced to use less sophisticated tools to meet the regime's demands
-
NCSC: “New class” of Russian cyber attackers seek to destroy critical infrastructureNews The cyber threat has been raised due to the heightened risk of ideologically driven cyber attacks from Russia-aligned adversaries
-
Latitude Financial's data policies questioned after more than 14 million records stolenNews Some of the data is from at least 2005 and includes customers’ name, address, and date of birth
-
Latitude hack now under state investigation as customers struggle to protect their accountsNews The cyber attack has affected around 330,000 customers, although the company has said this is likely to increase
-
IDCARE: Meet the cyber security charity shaping Australia and New Zealand's data breach responseCase Studies IDCARE is recruiting a reserve army to turbocharge the fightback against cyber crime not just in the region, but in the interests of victims all over the world
-
Australia commits to establishing second national cyber security agencyNews The country is still aiming to be the most cyber-secure country in the world by 2030
-
Medibank bleeds $26 million in cyber costs following hackNews The company believes this figure could rise to $45 million for the 2023 financial year
