What happened
In August 2025 TPG Telecom disclosed that its iiNet subsidiaryβs order-management system had been accessed using stolen credentials, affecting an estimated 280,000 customers β with email addresses, usernames and phone numbers, and for a subset modem setup passwords, exposed [register-iinet].
Timeline
- 2025-08 β Unauthorised access to the iiNet order-management system disclosed [register-iinet].
Current status
Disclosed; customers notified and credentials reset. Figures are as reported. [register-iinet]
Why it matters
Another reminder that a single compromised business system β not the core network β is often all an attacker needs to reach hundreds of thousands of customers.