Australia’s largest telecommunications company Telstra disclosed a data breach through a third-party supplier.
The company pointed out that its systems have not been breached, the security breach impacted a third-party supplier that previously provided a now-obsolete Telstra employee rewards program.
The data breach impacted a third-party platform called Work Life NAB, which si no longer live, that was supplied by Pegasus Group Australia (a subsidiary of MyRewards International Ltd.) to several other organisations.
It was run by Pegasus Group Australia, which is a subsidiary of MyRewards International Ltd.
Narelle Devine, the company’s chief information security officer for the Asia Pacific region, added that no customer account information was stored on the third-party platform. It seems that the security breach also impacted other companies.
Data leaked online was from 2017, it includes the names (first and last) and email addresses used to sign up for the employee rewards program.
“Information obtained as a result of a data breach at a third-party supplier, was posted on the internet. The supplier previously provided a now-obsolete Telstra employee rewards program.” reads the statement published by the company. “Critically, there was no breach of any Telstra systems, and no customer account information was stored on the third-party platform.”
According to the post published by Reuters, who had access to internal staff email sent by Telstra, the number of impacted current and former employees is 30,000.
The company is still investigating the incident and is supporting the third party to determine how the security breach happened and its extent.
Recently the second largest company in Australia, Optus confirmed that nearly 2.1 million of its current and former customers were impacted by a security breach they have suffered,
(SecurityAffairs – hacking, Telstra Telecom)