Tangerine, a prominent telecommunications company in the country, is currently facing the aftermath of a recent cyber intrusion. This unfortunate event has resulted in the unauthorized exposure of personal details belonging to a staggering 232,000 customers.
The data leak, which took place on February 18, 2024, was brought to the attention of Tangerine’s management on February 20, 2024. Following this discovery, the company issued a statement on February 21, 2024, revealing that the compromised information included full names, dates of birth, mobile numbers, email addresses, postal addresses, and Tangerine account numbers. However, the company assured the public that sensitive information such as credit or debit card numbers, driver’s license numbers, ID documentation details, banking details, or passwords remained secure, as these are not stored by the company.
In response to the Tangerine data breach, Andrew Branson, the CEO of Tangerine, expressed sincere regret over the incident, emphasizing the company’s dedication to its customers’ security. He conveyed his disappointment and offered a heartfelt apology to the affected customers. Branson also highlighted the proactive measures Tangerine had taken in recent years to safeguard customer data, including a thorough review of the necessity of retaining certain information. He reassured the public that the company is fully committed to learning from this incident and implementing necessary improvements to prevent similar occurrences in the future.
Upon discovering the data leak, Tangerine promptly launched an investigation to identify the root cause. The initial findings revealed that the breach originated from a legacy customer database and was traced back to the login credentials of a single user engaged on a contract basis. Immediate steps were taken to prevent further unauthorized access, including revoking network and system access for the identified user and changing all other team usernames and passwords. Additionally, access to the affected legacy database was promptly closed. The company has also engaged external cybersecurity specialists to conduct a comprehensive investigation and is collaborating with the Australian Cyber Security Centre while also notifying the Office of the Australian Information Commissioner of the incident. Furthermore, all impacted customers, spanning from June 2019 to July 2023, were notified via email on February 21, 2024.
Despite the breach incident, Tangerine has assured customers that all accounts are protected with Multi-Factor Authentication (MFA), which remains unaffected. The incident has not disrupted the availability or operation of Tangerine’s services, including NBN and mobile services, which continue to operate as normal and remain safe to use.
This data breach adds to a concerning trend of cyberattacks targeting Australia’s critical infrastructure and businesses. According to the Annual Cyber Threat Report by the Australian Signals Directorate, cyber incidents in Australia rose by 23% in the fiscal year ending June, with the average damage increasing by 14%. Large businesses suffered average costs of 71,600 Australian dollars ($46,375). The seriousness of cyber threats to vital infrastructure entities has been underscored by recent attacks on major port operators in Australia, which paralyzed operations at several ports. Foreign state actors are suspected in some cases, with Russia and China implicated in malware-based hacks on critical infrastructure.
In conclusion, the Tangerine data breach has raised concerns about the vulnerability of customer data and the increasing frequency of cyber intrusions in Australia. The company is taking proactive steps to address the breach and enhance its security measures, but it serves as a reminder of the constant vigilance required in the digital age.