Telstra data breach exposes thousands of staff names and emails

Just over a week after the Optus data breach, thousands of Telstra staff members have had personal information leaked online.

According to Telstra, the names and email addresses of up to 30,000 former and current staff members have been breached. They were released on the same forum as the alleged Optus ‘hacker’.

Telstra has confirmed the data is from a breach that occurred back in 2017 and it didn’t contain any customer data. According to the telco the breach came from a third party that was conducting a staff rewards program.

Apparently 12,800 out of the 30,000 staff members affected by the leak still work for Telstra.

“To be clear, it was not a breach of any Telstra systems. The data released is very basic in nature – limited to full names and email addresses used to sign up to the platform.”

The spokesperson also said that Telstra believes this information has been released now as an attempt to profit from the Optus breach.

SmartCompany has viewed the post and can confirm it only contained first and last names as well as email addresses.

Comparatively, customer information affected by the Optus breach included names, addresses, email addresses and phone numbers. Some customers also had their driver’s licence and passport numbers leaked. The number of potential customers affected by the breach are in the millions.

Optus also confirmed a week after the attack that some Medicare numbers were also affected.

“We understand this may cause some anxiety to our people, particularly in the current climate of heightened awareness around cyber security,” Telstra said in a statement to staff over the weekend.

“If you wish to find out more about the breach, or to find out if your email address was exposed, please contact our cyber team … In the meantime, we remind you as always to remain vigilant about any unexpected communications.”