Share this article on:
The threat actor claims to have the data of over 44,000 employees.
The data of thousands of Telstra employees is allegedly for sale after a threat actor listed the company on a popular hacking forum.
Threat actor “UnicornLover67” listed the telco online, claiming to have the data of 47,300 employees for sale.
🚨🇦🇺UnicornLover67 is Allegedly Selling Data of Telstrahttps://t.co/TopkqmwKF9
— Dark Web Informer - Cyber Threat Intelligence (@DarkWebInformer) November 24, 2024========================
While the specifics of the stolen data were not listed, the threat actor posted a sample that seems to include names, email addresses, physical addresses and more. Some of the other unspecified data includes company names and US addresses, as well as names of mobile phone stores.
Based on investigation by Cyber Daily, some of the data does appear to belong to legitimate Telstra staff.
Telstra has yet to acknowledge the incident publicly. Cyber Daily has reached out to Telstra for more information.
In 2022, the Aussie telco suffered a data breach that saw the data of 130,000 unlisted customers published on Directory Assistance and White Pages.
While Telstra affirmed that it wasn’t a cyber attack, it did apologise for an issue that “was a result of a misalignment of databases”.
“As soon as we became aware, we started work to remove the identified impacted customers from the Directory Assistance service and the online version of the White Pages,” said Telstra chief financial officer Michael Ackland in a press release.
“We’re in the process of contacting every affected customer to let them know and to offer free support through IDCARE.
“We are conducting an internal investigation to better understand how it happened and to protect against it happening again.”
Update 25/11/24 - Telstra has told Cyber Daily that it is currently investigating the incident.
"We're aware of a claim that some of our employee's data has been accessed and listed for sale online," Telstra told Cyber Daily.
"We have no further details yet.
"Our team is investigating and we'll provide an update as soon as we know more."
Update 26/11/24 - Telstra confirmed the cyber attack, adding that stolen credentials had been used to access a pre-production test environment.
“We’re aware that a file including Telstra data has been listed for sale online by a malicious actor,” a Telstra spokesperson told Cyber Daily.
“Using the sample data, we have identified the relevant data set and that it comes from a pre-production test environment for an internal system used to log faults.”
The Telco also clarified that it was not customer data, but rather data belonging to employees and partners.