Australian telco suffers email breach: 15,000 email accounts compromised

14 December 2022: Telecom provider TPG Telecom issues a notice that they suffered a cyber breach affecting up to 15,000 email accounts.

Findings indicate that the primary aim of the hackers was to search for customers’ cryptocurrency and financial information. TPG reassured customers that they have “implemented measures to stop the unauthorised access.”

According to the provider, an unauthorised third party accessed the Microsoft Exchange email accounts of 15,000 iiNet and Westnet business users. They clarified that no home or personal iiNet or Westnet products were not affected by the breach.

It reminds businesses of the potential risk to be aware of when using large ubiquitous programs made by major software providers. Due to the size of their customer base and need to maintain market share, convenience sometimes wins over security and hackers find weaknesses and post them to the dark web for cybercriminals to exploit.

The high-profile hack is the latest in a series of breaches, with at least eight other Australian companies going public about breaches at their respective firms since October 2022.

What this means for compliance, and highlighting the need to protect client data

The Australian government is cognisant of the gravity of cyber breaches, with Parliament approving an updated privacy penalty bill. The bill makes it clear to companies what penalties they will incur if they suffer a major data breach. It also emphasises that a data breach occurring at a firm can no longer be regarded as the cost of doing business.

With the government cracking down on data security laws of late, it’s not a stretch of the imagination to assume that data security regulations will be more stringent in the future.

As accountants are the custodians of client data, protecting this sensitive information and preserving confidentiality is an integral part of the business.

Awareness around data breaches is becoming widespread, with a recent report that the breached data of 12 million Australians are being sold on public forums. The focus on ensuring that firms take security seriously is getting more and more pronounced.

Resources for accounting firms

Aside from having the right cybersecurity in place, training and awareness go a long way when it comes to doing everything you can about securing client information.

We have some resources as a primer for firms wanting to know what they can implement in their firms when it comes to cyber security:


At Practice Protect, we have a holistic cybersecurity solution that over 20,000 accountants worldwide use to secure their data. Access management, email security, team training and compliance are at your fingertips with Practice Protect. Talk with our team to learn more.