Telstra has explained that an issue affecting hundreds of networks worldwide is due to a technical error, dispelling fears of a potential hack.
Early on Tuesday morning, secure email service ProtonMail complained network traffic was being diverted by Telstra.
The company tweeted: “There is an ongoing BGP hijacking incident impacting the ProtonMail network. Connectivity to Proton services is being impacted. @Telstra is announcing our 185.70.40.0/24 subnet without authorization.”
There is an ongoing BGP hijacking incident impacting the ProtonMail network. Connectivity to Proton services is being impacted. @Telstra is announcing our 185.70.40.0/24 subnet without authorization.
— ProtonMail (@ProtonMail) September 29, 2020
ProtonMail also pointed to a resource run by web infrastructure Cloudflare that showed more than 102 networks had been affected this overnight change .
The company clarified that this change did not mean there was a data breach or that data was lost, just that their service may be delayed.
In response, a Telstra spokesman told Gizmodo Australia that the change that caused the bug had been reversed and confirmed that no data had been breached or lost.
“Due to a technical error overnight, a number of internet prefixes were incorrectly advertised as Telstra’s. This meant some internet traffic may have been routed to Telstra incorrectly, although our systems indicate negligible traffic was actually received,” the spokesman said.
“We’re working with ProtonMail and other impacted customers to ensure a full recovery of their services.”
How did Telstra’s bug cause a ‘BGP hijacking incident’?
To explain this, we need to go over some technical terms. BGP is short for Border Gateway Protocol, which is essentially a method for directing internet connections to go to the right place (it’s like someone’s street address).
BGP Hijacking is a form of an attack that allows someone to replace that ‘address’ with their own. This, hypothetically, would allow someone to direct that traffic to somewhere else. If that happens, it could allow you to access the data they’re sending, which could be someone’s emails or other private information.
But in this case, Telstra is adamant that it didn’t happen like this. It’s not that someone impersonated Telstra but rather a technical hiccup.
In short, nothing to see here! Telstra said that all will be back to normal soon, if it’s not already.