This article was was originally posted on telecomasia.net.
Australia’s Telstra has advised Pacnet customers of a security breach allowing unauthorized access to the Hong Kong based ICT provider’s corporate IT network.
The breach occurred prior to Telstra taking ownership of Pacnet in April, and Telstra was only made aware of the breach on finalization of the purchase.
The reason for the breach is unknown and there has been no contact with the perpetrators.
Telstra group executive of global enterprise services Brendon Riley said an investigation into the incident shows that a third party gained access to Pacnet’s corporate IT network, including email and other admin systems, through exploiting an SQL vulnerability to inject malware.
“To protect against further activity we rectified the security vulnerabilities that allowed the unauthorised access. We have also put in place additional monitoring and incident response capabilities that we routinely apply to all of our networks,” he said.
“Now we have addressed the breach and understand its potential impacts we are in the process of advising our Pacnet customers worldwide of what occurred and reassuring them that we are now applying the same high level of security we apply to Telstra’s networks.”
At a media briefing, CISO Mike Burges said the company has no evidence that any data was extracted during the intrusion.
“We know that they had access to the network, [but] we don’t what they took and where they went, in terms of information sources. That’s why we took the decision to inform all of our customers so they can be aware of this issue,” he said.
Riley said Telstra’s focus will be working with Pacnet customers to minimize the impact of the breach.
If you haven't already, please take our Reader Survey! Just 3 questions to help us better understand who is reading Telecom Ramblings so we can serve you better!Categories: Mergers and Acquisitions · SDN · Security · Undersea cables
I used to work for Pacnet. I can tell you that the staff was cut to the bone thus reuslting in serious headcount and workload issues. I am not at all surprised about this article whilst recalling that we so cut to the bone we didn’t know what was falling to floor vs what was an issue. Moreover while the management I am sure tried to do their best to cover what they could it was all about survival and eliminating expenses so as to ensure we could pretty up the pig and sell ourselves. I suspect this is a classic example of cutting too deep and paying the consequences as a result. Sadly while this is obvious not one leader will agree b/c they got paid and walked away to better pastures.
no replies? wow. guess Insider-Guy is FOS.