Singtel subsidiary, Dialog, suffers a data breach involving personal information of 1020 people
October 11, 2022 |
Stingtel’s woes continue. Singtel’s Australian IT firm Dialog has announced it suffered a data breach just weeks after the Optus breach. It involved 1,000 employees and 20 customers. As is the way of it, the media coverage has been considerable and unwelcome (to Singtel). One of the almost inevitable effects of a data breach.
Dialog released a statement which provided:
The Dialog Group (Dialog) today confirmed that the company has experienced a cyber security incident in which an unauthorised third party may have accessed company data, potentially affecting fewer than 20 clients and 1,000 current Dialog employees as well as former employees.
Dialog has notified the relevant authorities and is supporting those who may be impacted to protect against the risk of fraudulent activity.
On Saturday 10 September 2022, Dialog detected unauthorised access on our servers, which were then shut down as a preventative measure. Within two business days, our servers were restored and fully operational.
We contracted a leading cyber security specialist to work with our IT team to undertake a deep forensic investigation and continuous monitoring of the Dark Web. Our ongoing investigations showed no evidence of unauthorised downloading of data.
On Friday 7 October 2022 we became aware that a very small sample of Dialog’s data, including some employee personal information, was published on the Dark Web.
We are doing our utmost to address the situation and, as a precaution, we are actively engaging with potentially impacted stakeholders to share information, support and advice.
It is not a particularly statement and describes a lethargic response to the data breach.
Itnews covers the story with Singtel-owned Dialog Group hacked which provides:
Details of 20 customers, 1000 staff may have leaked.
Singtel-owned IT consultancy Dialog Group has notified customers and staff of an attack on its systems in September 2022.
The company published an advisory, later carried by its parent, which says the incident is unrelated to last month’s attack on Optus.
The statement says Dialog’s systems are separate to those of Optus, and also of the other Singtel companies in its ownership chain.
Dialog said “an unauthorised third party may have accessed company data, potentially affecting fewer than 20 clients and 1000 current Dialog employees as well as former employees.”
“We have notified the relevant authorities and are supporting those who may be impacted to protect against the risk of fraudulent activity,” it said.
The company said it detected “unauthorised access” on its servers on September 10, and shut down its servers; it had them “restored and fully operational” again “within two business days”, it said.
A cyber security specialist is now undertaking a forensic investigation, as well as monitoring the dark web.
“Our ongoing investigations showed no evidence of unauthorised downloading of data,” Dialog’s statement said.
However, it said “a very small sample of Dialog’s data, including some employee personal information, was published on the dark web.”
The story has got ample coverage in the Sydney Morning Herald in After Optus, a second SingTel company discloses data breach, the Australian Financial Review with After Optus, another Australian Singtel company hit by cyberattack and Singtel confirms digital burglary at Dialog subsidiary (among other reports).
and