Cyber Incident Victim: Pacnet
Date:
Apr 2015
Location:
Hong Kong
Summary
A telecommunications company's newly acquired undersea cable subsidiary experienced unauthorized access to its corporate IT network, email systems, and business management platforms prior to acquisition completion. The breach potentially exposed sensitive customer information, though evidence of actual data theft remained unconfirmed. The parent organization acknowledged perpetrators could have accessed personal details during the compromise but couldn't identify responsible parties or motives. The incident involved systems belonging to the Hong Kong and Singapore-based subsidiary with extensive submarine network infrastructure, acquired to expand cloud computing and remote access capabilities in Asian markets. Security investigators noted the difficulty of attribution and confirmed no communication from the attackers.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In April 2015, Australian telecommunications company Telstra Corp Ltd disclosed a cybersecurity breach affecting Pacnet Ltd, a Hong Kong and Singapore-based undersea cable operator it had acquired earlier that month. The intrusion occurred several weeks prior to Telstra’s completion of its $550 million (A$697 million) acquisition of Pacnet on April 16, 2015. Unauthorized third parties accessed Pacnet’s corporate information technology network, including its email systems and business management platforms, potentially compromising sensitive customer information. Telstra confirmed the breach but stated it could not definitively determine whether attackers had exfiltrated personal customer data, acknowledging only that the perpetrators had the opportunity to do so during their access. Mike Burgess, Telstra’s Chief Information Security Officer, emphasized there was no evidence confirming data theft from Pacnet’s corporate network at the time of disclosure. The company admitted it did not know the identity or motives of the attackers and cautioned that attribution might remain impossible due to inherent investigative challenges. No communication had been received from the perpetrators, and Telstra provided no specifics about the intrusion methods, timeline of detection, or containment measures beyond confirming the breach’s occurrence prior to the acquisition closing.
The Pacnet acquisition provided Telstra with control over a 28,000-mile submarine cable network and expanded its foothold in China’s growing network management sector, particularly targeting demand for cloud computing and remote corporate server access. Telstra did not disclose the number of affected customers or specific data types at risk but characterized the exposure as involving “sensitive customer information.” The breach exclusively impacted Pacnet’s pre-acquisition corporate systems, with no indication of post-integration compromise of Telstra’s infrastructure. No operational disruptions to Pacnet’s undersea cable services were reported. Telstra’s public response focused on acknowledging the historical breach while asserting no evidence of ongoing threats or confirmed data loss, though the company committed to further investigation despite the likelihood of unresolved attribution. The disclosure highlighted cybersecurity risks inherent in mergers and acquisitions, particularly when breaches occur in transition periods before full operational integration and assessment by the acquiring entity.