By Reuters | Updated: August 19, 2025
Aug 19 (Reuters) – Australia’s No. 2 internet provider TPG Telecom (TPG.AX), opens new tab said on Tuesday it is investigating a cyber incident where an unknown third party secured unauthorized access to an order management system under its iiNet system.
A list of 280,000 active email addresses and around 20,000 active landline phone numbers, among others, were extracted from the iiNet system, the company said.
Additionally, around 10,000 iiNet user names, street addresses and phone numbers were compromised, along with a number of passwords.
TPG Telecom acquired the impacted internet provider in 2020 to create and track orders for its services, such as broadband connections.
The firm said the order management system, a software tool to help keep track of customer orders, does not contain details of identity documents or banking information.
TPG Telecom said it currently does not estimate any impact to its broader systems.
It has engaged external IT and cyber security experts after confirming and removing the third party access over the weekend.
Early investigations suggested that the access was gained through stolen account credentials from an employee.
Reporting by Sneha Kumar in Bengaluru; Editing by Shreya Biswas and Alan Barona
--
© Thomson Reuters 2025
