• Unauthorized access to iiNet order management system
• Limited personal information accessed, including email addresses and phone numbers
• Engaged external experts to assist with response

TPG Telecom Limited (ASX: TPG) has announced that it is currently investigating a cyber incident involving unauthorized access to an iiNet order management system by an unknown third party. Upon confirmation of the incident on Saturday, 16 August 2025, TPG Telecom enacted its incident response plan and removed the unauthorized access to the system. TPG Telecom has engaged external IT and cyber security experts to assist with the response to the incident. The unauthorized access appears to have been contained to the iiNet order management system, which is used to create and track orders for iiNet services, such as broadband connections. The system contains limited personal information, including iiNet email addresses, landline phone numbers, contact names, and residential addresses. Based on current analysis, a list of around 280,000 active iiNet email addresses and 20,000 active iiNet landline phone numbers, as well as around 10,000 iiNet user names, street addresses, phone numbers, and 1,700 modem set-up passwords, appear to have been accessed. TPG Telecom has unreservedly apologized to the impacted iiNet customers and will be taking immediate steps to contact them, advise of any actions they should take, and offer assistance. The company has also engaged with various government authorities, including the Australian Cyber Security Centre, the National Office of Cyber Security, the Australian Signals Directorate, and the Office of the Australian Information Commissioner, in response to the incident.