SYDNEY (Reuters) - Australian Internet provider iiNet Ltd has urged more than 30,000 customers to change their passwords after claims emerged online that hackers had been attempting to sell personal information stolen from one of the firm’s databases.
News of the potential data breach at Australia’s third-largest web provider first emerged on Twitter, where it was alleged an unnamed hacker was offering to sell a database that included client passwords, home addresses and telephone numbers.
iiNet said it was not immediately able to confirm whether the information, which includes subscriber details from a company it purchased in 2008, had actually been breached.
As a precaution, however, iiNet CIO Matthew Toohey said the company had contacted almost 31,000 customers and asked for the password change to prevent unauthorized access to accounts.
“iiNet is aware of an incident that may have resulted in unauthorized access to old customer information stored on a legacy Westnet system,” Toohey said in a statement published by Australian media outlets on Tuesday.
“Customer username, address, telephone and, in some cases, password information may have been accessed. However, no payment details were stored on the server. The system is now offline and at no further risk.”
Reuters could not immediately reach iiNet officials for comment.
Last month iiNet said it would accept a A$1.56-billion ($1.19 billion) takeover proposal from larger rival TPG Telecom Ltd, sidelining rival bidder M2 Group Ltd and paving the way for it to become the industry’s second largest firm.
The planned deal, which M2 could still disrupt with a higher proposal, would create the most serious rival to market behemoth Telstra Corp Ltd as Australia’s internet companies rush to upsize, amid the roll out of the state-funded National Broadband Network (NBN) which aims to bring high-speed Internet to nine in 10 homes by 2021.
Reporting by Matt Siegel; Editing by Clarence Fernandez