Singtel's Australian IT Firm Dialog Suffers Data Breach

Written by

Telecommunication giant Singtel has confirmed that another of its Australian subsidiaries, consulting unit Dialog, was the victim of a hack just weeks after the Optus breach was revealed.

Writing a statement to the Singapore stock exchange on Monday, Singtel said Dialog, which was acquired by Singtel's subsidiary NCS in April, confirmed the cybersecurity incident in which "an unauthorized third party may have accessed company data" on Saturday, September 10, 2022.

The breach potentially affected fewer than 20 clients and 1000 current Dialog employees as well as former employees.

"We detected unauthorized access on our servers, which were then shut down as a preventative measure. Within two business days, our servers were restored and fully operational," Dialog wrote.

"We contracted a leading cybersecurity specialist to work with our IT team to undertake a deep forensic investigation and continuous monitoring of the Dark Web. Our ongoing investigations showed no evidence of unauthorized downloading of data."

Despite being a subsidiary, Singtel clarified Dialog's systems are completely independent from NCS, Optus and Singtel's infrastructure.

"There is no evidence there is any link between this incident and the recent event experienced by Optus," the tech giant said.

Still, according to Julia O'Toole, CEO of MyCena Security Solutions, the incident could not come at a worse time for Singtel since the world's eyes are already scrutinizing the company's cybersecurity in the wake of the Optus breach.

"With this being the third large breach impacting the company in the last few years, it sounds like it is time to review the company's cybersecurity program because something is clearly not working," O'Toole told Infosecurity.

"Everyone knows employees are the number one target for criminals looking to steal and compromise an organization's data, so addressing this risk must be the priority."

According to the executive, one of the best ways to tackle this risk is by deploying encrypted network access and segmentation tools, which encrypt employee credentials so they can't be stolen or phished. 

"This closes doors on attackers, and it will significantly improve Singtel's security defenses against data breaches in the future."

Also in Australia, the country's largest telecoms firm Telstra revealed last week it was hit by a "small data breach" caused by the hacking of one of its third-party suppliers.

What’s hot on Infosecurity Magazine?