iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Telstra provider Schepisi Communications was allegedly hacked this week, leaking the SIM data of tens of thousands of Telstra users to a hacking group.
Cyber criminals have reportedly accessed large numbers of SIM cards on the Telstra network after an apparent cyber breach this week against Telstra partner Schepisi Communications.
Schepisi Communications provides support to Telstra’s business customers, with Nestle as well as a financial services firm among those allegedly impacted.
According to The Australian, the alleged hackers posted a note confirming their cyber breach on the darkweb.
“We have a large amount of data on mobile devices, tens of thousands of SIM cards and a lot of information for them, financial information, contracts, banking information,” the hackers wrote as reported in The Australian.
The hackers have given Schepisi Communications 240 hours to respond to their demands.
Ajay Unni, founder of StickmanCyber and member of the NSW government’s 2020 Cyber Security Task Force, commented that businesses must ensure that third-party providers match their expected level of cyber security.
“When businesses engage a third party, either to provide them with a service or service the end customer steps need to be taken by the principal (in this case Telstra) to ensure the risk is managed properly,” Unni said.
“Third party risks have been misunderstood and even ignored in the past with the expectation being that outsourcing a particular aspect of the business means any breaches that occur are the problem of the third party. In reality, outside contractors can often access the principals’ systems, applications and databases which essentially opens them up to new threat vectors that can use vulnerabilities found in the third party to access and attack the principals’ systems.
“Back in 2013 Target fell victim to the biggest data breach in history as a result of their systems being hacked through an outsider contractor. Target lost millions of customers credit card information due to a vulnerability from one of their third parties. The incident highlighted the gaping vulnerabilities casual employees and contractors could potentially have on an organisation which is especially prevalent in today’s gig-economy model.”
According to IT Wire, the hackers allegedly used the Avaddon ransomware to execute the attack.
More to follow.
Liam Garman is the editor of leading Australian security and defence publications Cyber Daily and Defence Connect.
Liam began his career as a speech writer at New South Wales Parliament before working for world leading campaigns and research agencies in Sydney and Auckland. Throughout his career, Liam has managed and executed a range of international media and communications campaigns spanning politics, business, industrial relations and infrastructure. He’s since shifted his attention to researching and writing extensively on geopolitics and defence, specifically in North Africa, the Middle East and Asia. He holds a Bachelor of Commerce from the University of Sydney and a Masters of Strategy and Security from UNSW Canberra, with a thesis on postmodernism and disinformation operations.
Be the first to hear the latest developments in the cyber industry.
