1300 688 648 Get In Touch
BackView All
View All Services

Can’t find what you’re looking for? Call 1300 688 648 for expert IT assistance

Essential software for small businesses

What Happened?

iiNet, one of Australia’s better-known internet service providers (and part of the TPG Telecom family), recently confirmed a cyber breach that exposed the personal data of around 280,000 customers. Yep, that’s a lot of inboxes and mobile numbers floating around where they shouldn’t be.
The breach came from an old legacy system—one that probably should’ve been retired years ago. Cybercriminals managed to sneak in and access customer emails, phone numbers, and service details. No financial data or ID documents were taken, but let’s be honest: even basic info can be weaponised in phishing scams and social engineering attacks.

Who Was Affected?

If you were an iiNet customer before 2013, you might want to pay attention. That’s when TPG acquired iiNet, and the breach seems to have hit data from that era. But it’s not just individuals who should be concerned.
Small businesses—especially those using iiNet for VoIP phonescloud-based phone systems, or managed internet services—could be at risk. If you’re running your operations in MelbourneSydneyBrisbanePerth, or Adelaide, and you’ve got iiNet in your tech stack, it’s worth checking whether your business data was caught up in this mess.
And if you’re thinking, “Ah, we’re probably fine”—well, that’s exactly what the cybercriminals are hoping for.

What Are iiNet and TPG Doing About It?

After confirming the breach on Saturday, 16 August 2025, iiNet activated its incident response plan. That meant locking down the affected legacy system, launching an investigation, and bringing in external IT and cybersecurity experts to help figure out what went wrong and how far it went.

They’ve started contacting impacted customers directly—by email—with an apology, a breakdown of what information was accessed, and practical advice on what to do next. It’s not just a blanket statement; they’re trying to be clear and supportive, which is what people need in situations like this.
On the regulatory side, iiNet is working with the Australian Cyber Security Centre (ACSC), the National Office of Cyber Security (NOCS), and the Office of the Australian Information Commissioner (OAIC). These agencies are involved in guiding the response and ensuring the incident is handled in line with national standards.
One notable move: iiNet has secured an interim injunction. This legal order prohibits anyone—including third parties—from accessing, viewing, releasing, using, transmitting, or publishing the impacted data. It’s a strong step, aimed at protecting customer information while the investigation continues.
So far, there’s no public statement from TPG Telecom itself detailing broader infrastructure changes or future plans. The focus right now is on containment, communication, and coordination with authorities.

What to Do If You Are Affected

If you’re one of the affected customers or businesses, here’s what you should do:
  1. Change your passwords. All of them. Especially if you’ve reused them (we know, we know).
  2. Turn on multi-factor authentication wherever you can.
  3. Keep an eye out for dodgy emails or texts—if something feels off, it probably is.
  4. Let your team know. A quick heads-up could save someone from clicking the wrong link.
  5. Reach out to iiNet to confirm if your data was part of the breach.
For businesses, it’s also a good time to audit your IT environment. If you rely on iiNet for IT support in MelbourneSydney, or elsewhere, consider whether your current setup includes adequate managed cybersecurity services.

How to Protect Your Business from Any Fallout

Let’s be blunt: this kind of breach isn’t rare anymore. It’s becoming the norm. So if you’re still crossing your fingers and hoping for the best, it’s time to upgrade your strategy.
  • Switch to a secure VoIP phone system with end-to-end encryption.
  • Invest in managed IT support services that include proactive threat monitoring.
  • Partner with IT providers offering managed IT security services, not just reactive support.
  • Review your internet managed services—ensure they’re segmented and monitored.
Whether you’re a small business or scaling fast, cybersecurity should be baked into your IT strategy—not bolted on later.

How Otto Can Help

At Otto, we understand the challenges Australian businesses face in the wake of breaches like this. That’s why we offer:
  • Managed IT support in Melbourne, Sydney, Brisbane, Perth, and Adelaide
  • VoIP phone systems and cloud-based phone systems built for security and scalability
  • Digital transformation services to modernize legacy infrastructure
  • Managed cybersecurity services to protect your data and reputation
  • Internet managed services with built-in threat detection
Whether you’re a small business or growing fast, we’ll help you stay secure, connected, and ahead of the curve. And we’ll do it without the B*S, the panic, or the finger-pointing.

managed it support articles

Related Blog Articles

Discover more insights to optimise your business with the latest IT trends and best practices. Stay ahead of the curve by learning how to leverage cutting-edge technology for success. Explore expert advice and valuable guidance to navigate the evolving world of IT solutions

Learn More