TPG legacy cloud service experiences cyber attack

TPG Telecom has disclosed that its legacy cloud-based hosting service, TrustedCloud, has been compromised in a recent cyber incident. Evidence from TPG forensic experts reveals that two TrustedCloud customers had their data accessed in the incident; no other TrustedCloud customers are believed to have been impacted by the breach at present.

The incident was isolated to the TrustedCloud service, as it is hosted in a standalone environment that is separate from other TPG telecommunications networks and systems. The incident has not impacted customers from any other TPG brands, products or services. TrustedCloud, formerly called Wavenet, is a legacy IntraPower product that was acquired in 2011 by TPG Telecom with its acquisition of IntraPower.

TPG has notified and is working with the two impacted customers and will continue to provide them with information and assistance. The relevant government authorities have also been notified, with TPG also engaging external cybersecurity experts to assist with management of the incident.

TPG has also introduced measures to improve the security of the TrustedCloud service. Although the incident has not impacted other environments offered by TPG, the telecom has also increased the cybersecurity defences across its entire business.

TrustedCloud uses legacy IT systems and was in the process of being decommissioned; it is scheduled to close at the end of August 2021. There are only a few remaining customers using the TrustedCloud service.

Image credit: ©stock.adobe.com/au/vectorfusionart