GeGeek

I don’t reinvent the wheel, I just link to it.

Cyber Attack

DoDo Parent company hacked

9 Views

DoDo Parent company hacked

A major Australian telco, Vocus (which owns brands like Dodo and iPrimus), has confirmed it was hit by a cyber-attack. The breach affected around 1,600 home internet and mobile customers.

Here’s how the incident unfolded:

  • The attack started on a Friday night, when Vocus detected “suspicious activity” in its email systems.

  • The hackers obtained unauthorised access to roughly 1,600 email accounts belonging to customers.

  • As a result, there were 34 cases of SIM swap fraud on Dodo Mobile accounts. A SIM-swap is when someone fraudulently transfers a customer’s phone number to a SIM they control, enabling them to intercept SMS, calls, etc.

  • In response, Vocus suspended email services to contain the breach and began remediation work. By Sunday morning email services were restored. They asked affected customers to contact their provider to reset passwords.

  • Vocus also said it will provide additional support through a service called IDCare (which helps people whose identity or personal info is compromised) and will continue updating customers via website and social media.

  • In terms of scale, Vocus holds about 9.2% of the National Broadband Network market in Australia. It’s ranked the fourth-largest provider behind the likes of Telstra, TPG Telecom and Optus.

Why this matters:


Because Vocus is a big player in the Australian broadband and mobile space, any breach of its systems is significant. Even though “only” 1,600 customer accounts were impacted (which is small compared with some massive breaches), the fact that SIM swaps occurred adds a higher level of risk (phone number takeover can be used to access other accounts, intercept codes, etc.). The incident also acts as a reminder that even large telcos with sizeable market shares are vulnerable.

What to do if you’re a customer (or want to stay safe):

  • If you have an account with Dodo, iPrimus or Vocus, check whether you received any notification from them.

  • Reset any email/SIM-/account passwords, especially if you reuse passwords elsewhere.

  • Enable two-factor authentication (2FA) where available, and preferably use an app rather than SMS if you can.

  • Monitor your phone bills and online accounts for any strange activity, especially SIM-swap warnings (such as loss of mobile service unexpectedly).

  • Be extra vigilant about phishing emails or messages that ask for personal details—they often follow breaches like this.

 






 

You May Also Like

What to do if you are affected by the Optus cyber attack

Optus – How will you know you’ve been hacked?

Optus Telstra wont pay for a credit – read this