Online

AAPT Confirms Data Breach, But Was Anonymous Involved?

AAPT has this afternoon confirmed that it has experienced a data breach that resulted in lost user data, but the question that remains unanswered is whether or not this was the work of Anonymous and Operation Australia.

AAPT’s woes were first reported by iTNews, with the telco today confirming that the user data of some of its business customers was stolen after one of its servers at hosting provider Melbourne IT was breached.

AAPT’s CEO David Yuile has seemingly brushed off the attack, though, saying that it was “historic” data. His statement (which was all in caps when it came to us):

It was brought to our attention by our service provider Melbourne IT, at approximately 9:30PM last night that there had been a security incident and unauthorised access to some AAPT business customer data stored on servers at Melbourne IT.

AAPT immediately instructed Melbourne IT to shut down the servers when we were notified of the incident.

Preliminary findings suggest it was two files that were compromised and the data is historic, with limited personal customer information. Further, the servers on which the files were stored have not been used or connected to AAPT for at least 12 months.

We’ll stop there for a second. Why? Because we need to shout about something.

It doesn’t matter if you haven’t used it in a year, nor does it matter if the data lost was “historic”. You still lost customer data and it’s still very serious. Let’s not brush it off.

Let’s continue:

We are undertaking a thorough investigation into the incident with Melbourne IT and the relevant authorities to establish exactly the type and extent of data that has been compromised, how the security incident happened and what further measures are required to prevent any future incidents.

AAPT is extremely concerned about this incident and is treating the matter with the utmost seriousness. AAPT will be con acting any impacted customers as soon as possible.

SERIOUS BUSINESS IS SERIOUS.

What remains unanswered is whether or not the data breach was associated with Anonymous’ Operation Australia. Anonymous issued a threat two days ago that it would expose data related to an Australian internet service provider to protest the mandatory data retention scheme proposed by Attorney General Nicola Roxon.

The two events are far too close together to be a coincidence, though, surely.

We’ll update this when we find out more.