Cyber Incident Victim: TPG Telecom

In January 2014, iiNet—Australia’s third-largest internet service provider—detected suspicious activity within its TransACT network, prompting an immediate investigation. The security incident specifically targeted email servers operated by Grapevine, a subsidiary iiNet acquired alongside TransACT in 2011. iiNet characterized the event as a "limited attempt to compromise" the network but found no evidence of data exfiltration or unauthorized access to personal or corporate information. Company engineers initiated a comprehensive forensic examination to determine the scope and methodology of the attack, deferring communication with Australia’s Privacy Commissioner until the investigation concluded. A spokesperson emphasized that no customer or internal data had been affected and committed to disclosing further details after completing the analysis. The incident occurred during iiNet’s multi-year integration of TransACT’s infrastructure, which included migrating legacy billing and email systems to iiNet’s centralized platforms.

At the time of the breach, iiNet had nearly completed transferring Grapevine’s customer accounts to its proprietary billing systems but had not yet migrated email services. Company representatives noted on forums that email migrations were intentionally delayed until after billing transitions to ensure customer records existed in authoritative systems. Grapevine users were slated to join a new unified email platform already hosting AAPT customers, with other acquired brands scheduled for similar transitions. The attack’s focus on Grapevine’s unmigrated email infrastructure highlighted vulnerabilities in legacy systems pending decommissioning. iiNet also announced impending migrations for Canberra-based VDSL2 customers to its own networks, though the investigation’s findings did not alter these plans. The company maintained operational continuity throughout the probe, reiterating that the incident did not impact service delivery or data security.