Telstra has been hit by a cyber attack, with hackers claiming to have stolen SIM card details.
Hackers say they gained access to ‘tens of thousands’ of SIM cards following the infiltration of a Telstra service provider by a major cyber assault.
Hackers say they gained access to “tens of thousands” of SIM cards following a cyber assault on an Australian telecommunications company.
The victim, Melbourne-based Schepisi Communications, describes itself as a “platinum associate” of Telstra, supplying the telecommunications giant with phone numbers and cloud storage services.
The company’s website has been unavailable for several days following an attack by a hacker group that claimed to have breached the company’s data systems and posted a troubling ransom note on the dark web.
“We have a lot of data on mobile devices, as well as tens of thousands of SIM cards… financial data, contracts, and banking data,” the ransom note said.
Telstra reported a security breach affecting one of its “dealers.”
“We have spoken with the dealer and have been informed that some ‘high level’ Telstra business customer details, such as mobile phone numbers, could have been accessed via the dealer’s order fulfillment system,” a Telstra spokesman said.
“We are obtaining additional information but agree that no confidential personal information was used.
Our specialized cyber security team is assisting the dealer in resolving the issue.”
Telstra’s spokesperson added that the company had stringent rules in place for how business partners could access customer data and that no Telstra systems had been compromised.
Customer phone numbers and addresses appeared to be revealed in excerpts of documents posted on the dark web as part of the blackmail attempt.
Among the customers of Schepisi whose details seemed to have been compromised were global food conglomerate Nestle, a Melbourne radio station, an Australian property management agency, and a Victoria-based financial services business.
Schepisi, according to an archived version of its website from earlier this year, provides business clients with access to and support for Telstra products and services.
This includes assisting companies with record “migration” from physical servers to Telstra’s cloud storage service.
“A Telstra cloud service removes the need for companies to maintain their own servers by storing all company data in virtual servers online,” Schepisi’s website said.
Additionally, the company provides access to Telstra’s enterprise cell phone plans.
The hacker group posted a ransom note late last week, complete with a ticking timer scheduled to expire this weekend.
Prior to that date, the suspects pleaded with the organization to “communicate and cooperate” or else “valuable company documents” would be leaked.
According to Brett Callow, a threat analyst with the cyber security company Emsisoft, the hackers used a “triple-pronged” attack strategy, stealing data, encrypting it to prevent it from being accessed without the hackers’ assistance, and shutting down the victim’s website.
“The targets face three issues: their data has been stolen, their networks have been locked, and they are currently under a DDoS attack,” Mr Callow explained.
DDoS is an acronym for “distributed denial of service,” and it refers to a technique for taking down a website by overwhelming it with meaningless data requests that overload the system.
“Unfortunately, businesses in this situation are without viable options,” Mr Callow said.
“They suffered a data breach, which cannot be reversed. Paying the ransom secures them only a guarantee that the stolen data will be removed – and that promise carries no weight because it comes from an untrustworthy bad faith actor.”
The ransomware used in the attack was identical to that used last week against a Victorian high school.
Following the attack, hackers posted online excerpts of what they said were stolen documents, including one that appeared to bear a student’s name.
The Department of Education and Training in Victoria reported the incident at the school, stating that “a number of the school’s files” were affected.
Schepisi Communications was contacted for comment by NCA NewsWire.