Tangerine has been contacted for further comment.
The phone and broadband provider is headquartered in South Melbourne and is one of Australia’s fastest-growing internet providers. It was founded by brothers Andrew and Richard Branson in 2013 and 232,000 of its current or former customers have been caught up in the breach.
“No one is more disappointed than me. As a founder-led organisation, my brother and I put everything we can into the business along with a very talented, committed team,” chief executive Andrew Branson said in a statement.
“Anything that negatively impacts our loyal customer base hurts, and we sincerely apologise to them for this incident.
“Thankfully, over recent years we’ve taken multiple pre-emptive steps which have included reviewing what data we really need to keep and what we can live without. That’s why we don’t hold any driver’s licences, any ID documents or any credit card numbers.
“Moving forward, we are fully committed to learning from this incident and implementing necessary improvements to prevent similar occurrences in the future.”
Loading
The company has engaged a cybersecurity specialist to investigate the incident and is recommending customers be suspicious of any communications claiming to be from Tangerine Telecom. Customers can also contact government support services including ID Care and the Australian Cyber Security Centre.
The cyberattack on Tangerine is the latest in a series of high-profile data breaches. Just last month, Victoria’s court system was hit by a ransomware attack, with hackers potentially accessing archives containing highly sensitive testimonies.
Before Christmas, St Vincent’s Health was hit by a cyberattack, while DP World was forced to shut down its terminals in November after a cybersecurity incident.
Australian business leaders this year nominated cybersecurity as their top priority, according to a report from KPMG, Keeping us up at night, which surveyed more than 300 chief executives.
The scale of concern was highlighted in 2022 when hackers stole the details of 10 million Optus customers in September, and a month later accessed sensitive health information of 9.7 million Medibank customers, progressively leaking the data in an attempt to get the companies to pay a ransom.
The Business Briefing newsletter delivers major stories, exclusive coverage and expert opinion. Sign up to get it every weekday morning.