In February 2024, the Australian Telco Tangerine suffered a data breach that exposed over 200k customer records. Attributed to a legacy customer database, the data included physical and email addresses, names, phone numbers and dates of birth. Whilst the Tangerine login process involves sending a one-time password after entering an email address and phone number, it previously used a traditional password which was also exposed as a bcrypt hash.
On the news:
Tangerine Telecom says customer data of 232,000 affected by 'cyber incident'
Accessed using a set of credentials given to a contractor.
www.itnews.com.au
iTWire - Tangerine Telecom suffers customer data breach; 232,000 affected
Telecom service provider Tangerine Telecom disclosed it suffered a cyber breach last 18 February, estimating 232,000 current or former customer accounts were impacted dating from June 2019 to July 2023. According to the telco, its customer database was accessed by an unknown party via...
Download:
![[DK]](/data/avatars/s/57/57999.jpg?1720990206){kind=avatar}
