An anonymous hacker has ruffled feathers by placing the details of more than 30,000 iiNet customers up for sale. The information, including customer passwords and identity-based information, is a major privacy breach for the company and its subsidiaries. But will it have an impact on their wider reputation as an ISP?
Unfolding on social media, the hack initially went unnoticed by iiNet’s in-house IT team. On Monday, a Twitter user named ‘CyberWar_News’ posted a screenshot of the black-market advertisement.
“There is a shitton [sic] of data inside the database to where I haven’t even bothered to dump this whole thing but there is a lot of valuable data inside like cleartext, password etc…,” the screenshot read. “For those interested can contact me on via jabber below.” Contact email addresses were then provided.
According to the post, the database of Westnet (a WA ISP acquired by iiNet) was stolen and subsequently hawked online. But iiNet representatives have been quick to dismiss those claims, adding that the stolen data was likely attached to a legacy system utilised by the company.
iiNet chief information officer, Matthew Toohey, said the company was aware of the incident, despite claims that they did not notify account holders of the breach.
“The incident has been reported to relevant law-enforcement agencies and is currently under investigation,” he explained. “Customer username, address, telephone and, in some cases, password information may have been accessed, however, no payment details were stored on the server. The system is now offline and at no further risk.”
In total, 30,827 customers were subsequently contacted and urged to alter their passwords.
“iiNet takes the privacy and security of customer information extremely seriously and is heavily invested in the proactive monitoring of its infrastructure to ensure the risk of such intrusions is minimised,” Mr. Toohey insisted.
But the long term damage to the company’s reputation has perhaps already been done. With increasing security considerations and a constantly changing digital black-market, it seems iiNet is just another high-profile scalp in the war on sensitive data.
WYZA is Australia’s premier lifestyle and entertainment website for retirees. Visit their website today!