Vocus, the parent company of Australian telecommunications providers Dodo and iPrimus, confirmed a significant cyberattack on its network. The breach, which began on the night of September 29, 2023, impacted approximately 1,600 home internet and mobile customers, raising concerns about data security across the company’s services.
The attack was detected after Vocus identified “suspicious activity” within its email system, prompting an immediate shutdown to mitigate potential damages. A spokesperson for the company stated, “Our initial investigation has revealed unauthorized access to approximately 1,600 email accounts, leading to unauthorized SIM swaps on 34 Dodo Mobile accounts.”
Vocus has been actively working with affected customers to reverse these SIM swaps. Although email services were halted on Saturday, by 7:00 am on Sunday, customers regained access to their accounts but were required to contact customer service to change their passwords. Customers have been advised to stay informed through Vocus’ social media channels and website. Additional assistance is available through the identity and cyber support service IDCare.
The company has expressed regret over the disruption, with a spokesperson stating, “We apologize for the inconvenience caused by the temporary suspension of email services while we prioritized security.”
This incident marks another chapter in the ongoing struggles with cybersecurity faced by major Australian corporations. In July, a cyberattack on the third-party platform provider Salesforce led to the exposure of sensitive data for Qantas customers. The group responsible, known as Scattered LAPSUS$ Hunters, threatened to release data stolen from 39 major companies, including Qantas, Disney, Toyota, and FedEx, unless a ransom was paid.
The Qantas breach involved the theft of full names, email addresses, frequent flyer details, and other personal information. Fortunately, no credit card details, personal financial information, or passwords were compromised in that attack.
As the cyber landscape continues to evolve, incidents like the one at Vocus serve as a reminder of the importance of robust cybersecurity measures. The company is committed to investigating the breach fully and implementing necessary safeguards to protect customer data in the future.
