Tangerine Data Breach

Afternoon all

TL;DR - Tangerine were hacked and all your data is on the dark web… banking and license information was not compromised (as far as they know)

Not sure if anyone else has received this or not but thought I would share, as it seems I am one of those unlucky people. Not here to bag their Internet service as I have used them multiple times and never had any issues, but figured this might be the best place to post this for people that are currently with them or are thinking about using them.

So as the title mentions, Tangerine were hacked leaking PII.
Email basically states:

We are writing to let you know that Tangerine has been impacted by a cyber incident that has resulted in the unauthorised disclosure of some of our customer data.
We are contacting you as unfortunately, we believe that some of your personal data was disclosed as a result of this incident and have launched a full investigation to determine the cause. Please note that this incident does not affect the availability or operation of our nbn® or mobile services – they continue to operate as normal and remain safe to use.

The following personal information may have been disclosed as part of this incident:

Full name
Date of Birth
Mobile number
Email address
Postal address
Tangerine account number

We can confirm that no credit or debit card numbers have been compromised, as we do not store this information. No driver’s license numbers, ID documentation details, bank account details or passwords were disclosed as a result of this incident.

It appears the unauthorised disclosure of your personal information occurred on Sunday 18 February 2024 and was first reported to Tangerine management on Tuesday 20 February 2024.

How the incident occurred.

Upon learning of the incident, we immediately began an investigation to determine how this incident occurred. This investigation is ongoing and is being treated with the utmost priority.

We know that the unauthorised disclosure relates to a legacy customer database and has been traced back to the login credentials of a single user engaged by Tangerine on a contract basis.

What Tangerine are doing.
As soon as we learnt of this incident, we took steps to prevent any unauthorised access to our data.
We have taken precautionary steps to fully revoke network and systems access for the individual user’s credentials and we have also changed all other team usernames and passwords. Access to the affected legacy database has also been closed.

We have engaged an external cyber specialist to undertake a full and thorough investigation, and we are in contact with the Australian Cyber Security Centre. We have also notified the Office of the Australian Information Commissioner of this incident.

If you still have a Tangerine account, please be assured that your account, including access to the Tangerine Self Care Portal, is secure.

When you contact our team or try to login to the Portal, we will use a one-time verification code sent to your mobile & email to validate your identity and ensure that you have sufficient authority to access the account.

The following additional protections are also available to you as a Tangerine customer:
you have the option of changing your Tangerine account number.
you have the option of setting up additional security questions on your Tangerine account, and you will need to confirm the answers to these questions when you call us to discuss or make changes to your account or services.

What you should do.

We wanted to notify you of this incident as it could increase your risk of being exposed to scam or phishing attacks - where fraudulent phone calls, SMS or emails are sent to trick individuals into revealing personal information.

There are a few things that you can do to reduce this risk:
be alert to all email communications you receive including any email that claims to come from Tangerine Telecom, or that appears suspicious in any way. If you are unsure whether an email claiming to come from us is legitimate, please contact us directly;
be suspicious of any unexpected requests for your personal information, including your financial information.

Additional ways to protect yourself online.

Setting up multi-factor authentication (MFA) on your online accounts
MFA provides you with an extra layer of protection as it involves using two or more authentication factors to verify your identity, such as information you know (e.g. your personal, account or password details) together with information you have (e.g. a unique code sent to your phone or your fingerprint). While it may be easy for a criminal to steal one form of information (like a password), it's harder for them to steal two.

Regularly change your passwords

We understand that this one is annoying, but the fact is, automated attacks rely on people using the same password for many accounts and therefore if you do not change your passwords regularly (and make it one hard to crack), you could be at risk. If you are someone who finds it hard to keep track of passwords (who isn’t these days?), you might want to consider subscribing to a password manager.

Additional resources.
In addition to the above steps to protect yourself online, here’s some additional resources to help you recognise and report scams.

ID Care – supports individuals impacted by data breaches. Find out more here.
Scamwatch – learn how to recognise, avoid and report scams here.
Australian Cyber Security Centre (ACSC) – find out more ways to protect yourself online here.
Tangerine’s Online Safety & Cyber Security page.
Tangerine’s Customer Guidance on Scam Phone Calls & SMS – find out more here.
Tangerine’s ID Authentication for Account Changes & Fraud Awareness – find out more here.

If you have any further questions or concerns about this incident, you can get in contact with our Customer Service team on 1800 936 147 or by creating a Support Case in the Self Care Portal.

You can also view our media statement here.

I apologise that this incident occurred and for any concern this has raised for you. We will continue to update you during and once our investigation has concluded.

Regards,
Andrew Branson
Chief Executive Officer


Comments

    • I just called them to confirm which security questions they had for my account to make sure I won't use these again in the future.

  • +5

    Ok so a little more on all this. Today tried to log into an account I had approx 3 years ago and couldn't get in (wanted to see what data was in there). When finding out about the leak first thing I did was access both accounts and worked just fine.

    Started a chat session to only find out that the account has been "cancelled, and can no longer be accessed".
    I had asked "when was it cancelled" and got a reply of "The account is removed since it's been 2 years".

    I proceeded to ask if it's "only been removed since the data got leaked?"
    Received a reply of "That been removed legally. Thank you. Anything else?"

    So it seems to cover their own ass they are starting to purge old accounts, THAT should have been removed prior to the leak.

  • +1

    I hope people take this seriously and act with their feet.

    I found an interesting post about the "trust commons" that businesses need to maintain… Tangerine have certainly shown me that they have not taken serious care of people's data.

    https://every.to/p/breaching-the-trust-thermocline-is-the-bi…

  • +1

    Received spam emails today on two addresses I used exclusively for Tangerine about my Netflix account subscription expiring.

    Ported out on Monday with my partner, good riddance.

    • and another one today asking about my email preferences.

  • First of the spam from this data hack has started to arrive:

    from: Apple_Wallet <[email protected]>
    reply-to: [email protected]

    AppIe Pay was sus pended on your Device!

    They targeted all my Tangerine account email addresses (and they were all tagged).

  • +1

    I got a phone call today from a scammer pretending to be from Tangerine wanting to upgrade my service (no longer with Tangerine for 1 year plus) or charge me $99 for a modem or something. The guy was barely audible due to a poor line but knew the last 4 digits of my credit card. Seems Tangerine has leaked last 4 digits of credit cards despite saying they didn't. Once I told him this was dodgy, he hung up.

    • I got the same phone call from a New Zealand number. Stated that my plan was no longer available and they had to charge me $99 tomorrow.
