Telstra
Company Details
Linkedin ID:
telstra
Employees number:
35,254
Number of followers:
435,969
NAICS:
517
Industry Type:
Homepage:
telstra.com.au
IP Addresses:
0
Company ID:
TEL_3122641
Scan Status:
In-progress
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
Telstra Vendor Cyber Rating & Cyber Score
telstra.com.auWe believe it’s people who give purpose to our technology. So we’re committed to staying close to our customers and providing them the best experience. And delivering the best tech. On the best network. Because our purpose is to build a connected future so everyone can thrive. We build technology and content solutions that are simple and easy to use, including Australia’s largest and fastest national mobile network. That’s why we strive to serve and know our customers better than anyone else – offering a choice of not just digital connection, but digital content as well. And that’s why we have an international presence spanning 15 countries, including China. In the 21st century, opportunity belongs to connected businesses, governments, communities and individuals. As Australia’s leading telecommunications and information services company, Telstra is proud to be helping our customers improve the ways in which they live and work through connection. Be first to know about Telstra news, advice and offers, as well as updates on our people and partners: tel.st/subscribe
Telstra A.I CyberSecurity Scoring
Telstra Risk Score (AI oriented)Between 700 and 749
Telstra
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Telstra Global Score (TPRM)XXXX
Telstra
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Telstra Company CyberSecurity News & History
Past Incidents
6
Attack Types
4
Canva, Adyen, Atlassian, HubSpot, Epic Games, Moderna, GameStop, ZoomInfo, WeWork, Halliburton, Betterment, Sonos and Telstra: Over 100 Organizations Targeted in ShinyHunters Phishing Campaign
Cyber Attack
Severity: 85
Impact: 4
Seen: 12/2025
Supply Chain Source: NA
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: ShinyHunters-Linked Cybercrime Campaign Targets Over 100 Major Organizations A recent cybercrime campaign attributed to the ShinyHunters group has targeted at least 100 organizations across multiple sectors, including software, finance, healthcare, and energy, according to cybersecurity firm Silent Push. Over the past 30 days, threat actors registered fake domains impersonating high-profile companies such as Atlassian, Adyen, Canva, Epic Games, HubSpot, Moderna, ZoomInfo, GameStop, WeWork, Halliburton, Sonos, and Telstra. The attackers employed voice phishing (vishing) tactics to compromise single sign-on (SSO) accounts, particularly those using Okta and other identity platforms. Using specialized phishing kits, they intercepted credentials and manipulated victims into bypassing multi-factor authentication (MFA) by convincing them to approve push notifications or submit one-time passcodes (OTPs). Okta described the attacks as involving real-time session orchestration, where threat actors guided victims through the authentication process via verbal instructions. While Silent Push identified the infrastructure used in the campaign, it remains unclear whether the attacks successfully breached any systems. However, ShinyHunters has claimed responsibility for data breaches at companies like Betterment, Crunchbase, and SoundCloud, all of which confirmed incidents. The group allegedly stole millions of records from these organizations as part of the Okta SSO vishing campaign. Silent Push attributes the campaign to Scattered LAPSUS$ Hunters, a collective formed last year by members of Lapsus$, Scattered Spider, and ShinyHunters, based on observed tactics, techniques, and procedures (TTPs). The incident follows recent warnings from Google and others about rising vishing and phishing attacks targeting identity platforms.
Telstra
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Australia's largest telecoms firm Telstra Corp Ltd suffered a data breach incident which affected around 30,000 current and former employees. The breach compromised basic information like names and email addresses.
Telstra
Data Leak
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Australian telecom firm Telstra was hit by a cyber attack result of which the hackers gained access to 10000 SIM cards. The compromised information included financial information, contracts, and banking information of the SIM card users. The company’s website has been offline for days after a hacker group said it infiltrated the company’s data systems and posted a disturbing ransom note on the dark web.
Telstra
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: A 63-year-old layman was been able to access a Telstra database containing the contact details of their customers. Once he signed in, he put in the search term “email” and it returned 66,500 results containing names, addresses, email addresses and phone numbers. Telstra has also since identified two other customers who were able to access the database.
Telstra
Vulnerability
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: A flaw in medical software used by more than 40,000 Australian health specialists and distributed by Telstra has potentially exposed Australians' medical information to hackers. Hackers have been logging into practitioners' computers and servers to carry out illegal activities. The flaw in the "secure" messaging software is specifically leaving computers with remote desktop software installed wide open because it creates a separate username with a static default password that will allow for an easy intrusion.
Telstra
Data Leak
Rankiteo Explanation
Attack without any consequences
Description: TELSTRA faced another data privacy breach incident after the email addresses and phone numbers of more than a thousand of its BigPond customers were made accessible online. An online spreadsheet containing customer names, email addresses and details of service support issues, was exposed.
Telstra Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Telstra
Incidents vs Telecommunications Industry Average (This Year)
No incidents recorded for Telstra in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Telstra in 2026.
Incident Types Telstra vs Telecommunications Industry Avg (This Year)
No incidents recorded for Telstra in 2026.
Incident History — Telstra (X = Date, Y = Severity)
Telstra cyber incidents detection timeline including parent company and subsidiaries
Telstra Company Subsidiaries
We believe it’s people who give purpose to our technology. So we’re committed to staying close to our customers and providing them the best experience. And delivering the best tech. On the best network. Because our purpose is to build a connected future so everyone can thrive. We build technology and content solutions that are simple and easy to use, including Australia’s largest and fastest national mobile network. That’s why we strive to serve and know our customers better than anyone else – offering a choice of not just digital connection, but digital content as well. And that’s why we have an international presence spanning 15 countries, including China. In the 21st century, opportunity belongs to connected businesses, governments, communities and individuals. As Australia’s leading telecommunications and information services company, Telstra is proud to be helping our customers improve the ways in which they live and work through connection. Be first to know about Telstra news, advice and offers, as well as updates on our people and partners: tel.st/subscribe
Loading...
Telstra Similar Companies
Telcel
Telcel (Radiomóvil Dipsa) es subsidiaria de América Móvil, uno de los mayores proveedores de comunicaciones celulares de Latinoamérica, grupo líder con inversiones en telecomunicaciones en varios países del continente americano. Telcel es la empresa de telefonía celular líder en México. Nuestra s
stc
We are a forward-focused digital champion always been focused on innovation and evolution. Our purpose is to create and bring greater dimension and richness to people’s personal and professional lives. With stc, You will always be empowered to focus on delivering what’s next through collaborati
Jazz
Pakistan’s number one digital operator and the largest internet and broadband service provider with over 70 million subscribers nationwide. With a legacy of more than 27 years, Jazz maintains market leadership through cutting-edge, integrated technology, the strongest brands and the largest portfoli
Zain Group
Zain Group is a leading provider of innovative ICT technologies & digital lifestyle communications operating in 8 markets across the Middle East & Africa, serving 51.3 million active customers as of 30 September 2025. Zain provides mobile voice, data and B2B services in: Kuwait, Bahrain, Iraq, Jorda
Vivo (Telefônica Brasil)
Vivo (Telefônica Brasil) is part of the Telefónica Group and with more than 94 million customers, of which 75 million mobile and 19 million fixed, we are the largest telecommunications company in Brazil, with nationwide presence and a complete, convergent portfolio of products, combining fixed, mobi
Somos una empresa orgullosamente mexicana, líder en tecnología, telecomunicaciones y entretenimiento. Estamos siempre a la vanguardia con el objetivo de llevar a nuestros clientes lo mejor en conectividad, ya sea para que estén cerca de los que más quieren ó puedan alcanzar el éxito profesional gra
SFR
SFR is the number one alternative telecoms operator in France. SFR is also an operator providing a comprehensive range of services meeting the expectations of private and business customers alike, offering them the best of the digital world. At year-end 2011, the total number of mobile customers was
Telmex
TELMEX, la empresa líder de telecomunicaciones y servicios TI en México, ha realizado importantes inversiones para desarrollar la plataforma tecnológica más robusta y vanguardista del país, que le permite ofrecer la más amplia gama de soluciones, con los mayores estándares de calidad, seguridad, con
Nokia
Nokia is a global leader in connectivity for the AI era. With expertise across fixed, mobile, and transport networks, powered by the innovation of Nokia Bell Labs, we’re advancing connectivity to secure a brighter world. Advanced connectivity is key to enable the opportunities of AI – opening new d
.png)
Telstra CyberSecurity News
October 09, 2025 07:00 AM
Telstra denies being hacked in cyber extortion bid
Telstra has denied being breached by hackers after a notorious criminal group added it to the list of companies exposed in a wide-ranging...
October 08, 2025 07:00 AM
Telstra Data Breach Denied After Hacker Claims Stolen Data
The Telstra Data Breach involves claims of 100GB of stolen data by Scattered Spider. Telstra denies system breach as ransom deadline...
August 27, 2025 07:00 AM
Telstra avoided fear in cybersecurity campaign, tapped the never-scary… Steve Buscemi…
The ad features Buscemi as an intergalactic Emperor attempting to take over Australia with hi-tech scams, but his schemes are foiled as his crew...
August 11, 2025 07:00 AM
Ad of the Day: Steve Buscemi as evil scamming emperor in Telstra cybersecurity ad
Ad of the Day: Steve Buscemi as evil scamming emperor in Telstra cybersecurity ad. Australian telecoms brand proves its anti-scamming...
August 11, 2025 07:00 AM
Steve Buscemi Stars For Telstra In Out-Of-This-World Cybersecurity Ad
Settings ... Telstra has tapped Steve Buscemi (yes, really) to star in its latest spot showing off the power of its network security created by...
August 11, 2025 07:00 AM
Steve Buscemi Plays a Pissed-Off Galactic Emperor for Telstra
Steve Buscemi's bulbous-brained galactic emperor barks orders. But his malevolent minions can't reckon with the cybersecurity prowess of...
August 04, 2025 03:15 PM
We block millions of cyber threats every day
Telstra helps protect millions of Australians daily by blocking scam calls, fake messages & dangerous websites before they reach your device.
May 12, 2025 07:00 AM
Cyber security trends to watch in 2025
Cyber security checklist · 1. Stay informed and aware · 2. Be proactive with password management · 3. Consider social media privacy · 4. Switch...
May 08, 2025 07:00 AM
Redefining Filipino cybersecurity practices within the AI era
Filipino business and technology leaders gathered to discuss securing enterprises in the new threat landscape.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Telstra CyberSecurity History Information
Official Website of Telstra
The official website of Telstra is https://www.telstra.com.au/careers.
Telstra’s AI-Generated Cybersecurity Score
According to Rankiteo, Telstra’s AI-generated cybersecurity score is 740, reflecting their Moderate security posture.
How many security badges does Telstra’ have ?
According to Rankiteo, Telstra currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Telstra been affected by any supply chain cyber incidents ?
According to Rankiteo, Telstra has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Telstra have SOC 2 Type 1 certification ?
According to Rankiteo, Telstra is not certified under SOC 2 Type 1.
Does Telstra have SOC 2 Type 2 certification ?
According to Rankiteo, Telstra does not hold a SOC 2 Type 2 certification.
Does Telstra comply with GDPR ?
According to Rankiteo, Telstra is not listed as GDPR compliant.
Does Telstra have PCI DSS certification ?
According to Rankiteo, Telstra does not currently maintain PCI DSS compliance.
Does Telstra comply with HIPAA ?
According to Rankiteo, Telstra is not compliant with HIPAA regulations.
Does Telstra have ISO 27001 certification ?
According to Rankiteo,Telstra is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Telstra
Telstra operates primarily in the Telecommunications industry.
Number of Employees at Telstra
Telstra employs approximately 35,254 people worldwide.
Subsidiaries Owned by Telstra
Telstra presently has no subsidiaries across any sectors.
Telstra’s LinkedIn Followers
Telstra’s official LinkedIn profile has approximately 435,969 followers.
NAICS Classification of Telstra
Telstra is classified under the NAICS code 517, which corresponds to Telecommunications.
Telstra’s Presence on Crunchbase
No, Telstra does not have a profile on Crunchbase.
Telstra’s Presence on LinkedIn
Yes, Telstra maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/telstra.
Cybersecurity Incidents Involving Telstra
As of April 02, 2026, Rankiteo reports that Telstra has experienced 6 cybersecurity incidents.
Number of Peer and Competitor Companies
Telstra has an estimated 10,042 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Telstra ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak, Breach, Vulnerability and Cyber Attack.
How does Telstra detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with silent push (cybersecurity firm)..
Incident Details
Can you provide details on each incident ?
Title: Medical Software Flaw Exposes Australians' Medical Information
Description: A flaw in medical software used by more than 40,000 Australian health specialists and distributed by Telstra has potentially exposed Australians' medical information to hackers. Hackers have been logging into practitioners' computers and servers to carry out illegal activities. The flaw in the 'secure' messaging software is specifically leaving computers with remote desktop software installed wide open because it creates a separate username with a static default password that will allow for an easy intrusion.
Type: Data Breach
Attack Vector: Exploitation of Default Credentials
Vulnerability Exploited: Static default password in remote desktop software
Threat Actor: Hackers
Motivation: Illegal activities
Title: Telstra Data Breach
Description: Australia's largest telecoms firm Telstra Corp Ltd suffered a data breach incident which affected around 30,000 current and former employees. The breach compromised basic information like names and email addresses.
Type: Data Breach
Title: Telstra Database Breach
Description: A 63-year-old layman was able to access a Telstra database containing the contact details of their customers. Once he signed in, he put in the search term 'email' and it returned 66,500 results containing names, addresses, email addresses, and phone numbers. Telstra has also since identified two other customers who were able to access the database.
Type: Data Breach
Attack Vector: Unauthorized Access
Threat Actor: Layman
Title: Telstra BigPond Customer Data Breach
Description: Telstra faced a data privacy breach incident where the email addresses and phone numbers of more than a thousand of its BigPond customers were made accessible online. An online spreadsheet containing customer names, email addresses, and details of service support issues was exposed.
Type: Data Breach
Title: Telstra Cyber Attack
Description: Australian telecom firm Telstra was hit by a cyber attack resulting in hackers gaining access to 10000 SIM cards. The compromised information included financial information, contracts, and banking information of the SIM card users. The company’s website has been offline for days after a hacker group said it infiltrated the company’s data systems and posted a disturbing ransom note on the dark web.
Type: Data Breach
Attack Vector: Unspecified
Threat Actor: Hacker Group
Motivation: Ransom
Title: ShinyHunters-Linked Cybercrime Campaign Targets Over 100 Major Organizations
Description: A recent cybercrime campaign attributed to the ShinyHunters group has targeted at least 100 organizations across multiple sectors, including software, finance, healthcare, and energy. The attackers employed voice phishing (vishing) tactics to compromise single sign-on (SSO) accounts, particularly those using Okta and other identity platforms. Using specialized phishing kits, they intercepted credentials and manipulated victims into bypassing multi-factor authentication (MFA). The group allegedly stole millions of records from companies like Betterment, Crunchbase, and SoundCloud as part of the Okta SSO vishing campaign.
Type: Phishing (Vishing), Data Breach, Credential Theft
Attack Vector: Voice Phishing (Vishing), Phishing Kits, MFA Bypass (Push Notifications, OTPs)
Vulnerability Exploited: Single Sign-On (SSO) accounts (Okta and other identity platforms), MFA manipulation
Threat Actor: ShinyHunters, Scattered LAPSUS$ Hunters (collective of Lapsus$, Scattered Spider, and ShinyHunters)
Motivation: Data Theft, Financial Gain, Credential Harvesting
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Remote desktop software, Fake domains impersonating high-profile companies and SSO accounts (Okta).
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach TEL141210622
Data Compromised: Medical information
Systems Affected: Computers with remote desktop software
Incident : Data Breach TEL23611122
Data Compromised: Names, Email addresses
Incident : Data Breach TEL025101122
Data Compromised: Names, Addresses, Email addresses, Phone numbers
Systems Affected: Telstra Database
Incident : Data Breach TEL2211121222
Data Compromised: Email addresses, Phone numbers, Customer names, Details of service support issues
Incident : Data Breach TEL15346123
Data Compromised: Financial information, Contracts, Banking information
Systems Affected: website
Downtime: days
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Data Compromised: Millions of records allegedly stolen
Systems Affected: SSO accounts (Okta and other identity platforms)
Identity Theft Risk: High (PII and credentials compromised)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Medical information, Names, Email Addresses, , Personal Information, , Email Addresses, Phone Numbers, Customer Names, Details Of Service Support Issues, , Financial Information, Contracts, Banking Information, , Personally Identifiable Information (PII), Credentials and Business Data.
Which entities were affected by each incident ?
Incident : Data Breach TEL141210622
Entity Name: Telstra
Entity Type: Company
Industry: Telecommunications
Location: Australia
Customers Affected: More than 40,000 Australian health specialists
Incident : Data Breach TEL23611122
Entity Name: Telstra Corp Ltd
Entity Type: Telecoms Firm
Industry: Telecommunications
Location: Australia
Customers Affected: 30,000 current and former employees
Incident : Data Breach TEL025101122
Entity Name: Telstra
Entity Type: Telecommunications Company
Industry: Telecommunications
Customers Affected: 66500
Incident : Data Breach TEL2211121222
Entity Name: Telstra
Entity Type: Telecommunications Company
Industry: Telecommunications
Customers Affected: More than a thousand BigPond customers
Incident : Data Breach TEL15346123
Entity Name: Telstra
Entity Type: Telecom Firm
Industry: Telecommunications
Location: Australia
Customers Affected: 10000
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: Atlassian
Entity Type: Software
Industry: Technology
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: Adyen
Entity Type: Financial Services
Industry: Finance
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: Canva
Entity Type: Software
Industry: Technology
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: Epic Games
Entity Type: Software
Industry: Gaming
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: HubSpot
Entity Type: Software
Industry: Marketing/Technology
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: Moderna
Entity Type: Pharmaceutical
Industry: Healthcare
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: ZoomInfo
Entity Type: Software
Industry: Technology/Sales Intelligence
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: GameStop
Entity Type: Retail
Industry: Gaming/Retail
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: WeWork
Entity Type: Real Estate
Industry: Commercial Real Estate
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: Halliburton
Entity Type: Energy
Industry: Oil and Gas
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: Sonos
Entity Type: Hardware
Industry: Consumer Electronics
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: Telstra
Entity Type: Telecommunications
Industry: Telecom
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: Betterment
Entity Type: Financial Services
Industry: Finance
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: Crunchbase
Entity Type: Software
Industry: Business Intelligence
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entity Name: SoundCloud
Entity Type: Software
Industry: Music/Technology
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Third Party Assistance: Silent Push (cybersecurity firm)
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Silent Push (cybersecurity firm).
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach TEL141210622
Type of Data Compromised: Medical information
Sensitivity of Data: High
Incident : Data Breach TEL23611122
Type of Data Compromised: Names, Email addresses
Number of Records Exposed: 30,000
Incident : Data Breach TEL025101122
Type of Data Compromised: Personal information
Number of Records Exposed: 66500
Incident : Data Breach TEL2211121222
Type of Data Compromised: Email addresses, Phone numbers, Customer names, Details of service support issues
Number of Records Exposed: More than a thousand
Incident : Data Breach TEL15346123
Type of Data Compromised: Financial information, Contracts, Banking information
Number of Records Exposed: 10000
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Type of Data Compromised: Personally Identifiable Information (PII), Credentials, Business Data
Number of Records Exposed: Millions (alleged)
Sensitivity of Data: High (PII, credentials)
Data Exfiltration: Alleged (data sold on dark web)
Personally Identifiable Information: Yes
References
Where can I find more information about each incident ?
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Source: Silent Push
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Source: Okta
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Silent Push, and Source: Okta.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Investigation Status: Ongoing (infrastructure identified, breach success unclear)
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach TEL141210622
Entry Point: Remote desktop software
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Entry Point: Fake domains impersonating high-profile companies, SSO accounts (Okta)
Reconnaissance Period: 30 days (domain registration)
High Value Targets: SSO accounts, MFA-protected systems
Data Sold on Dark Web: SSO accounts, MFA-protected systems
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach TEL141210622
Root Causes: Static default password in remote desktop software
Incident : Phishing (Vishing), Data Breach, Credential Theft CANADYATLHUBEPIMODGAMZOOWEWHALBETSONTEL1769527593
Root Causes: Vishing attacks, MFA manipulation, phishing kits, lack of awareness
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Silent Push (cybersecurity firm).
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Hackers, Layman, Hacker Group, ShinyHunters, Scattered LAPSUS$ Hunters (collective of Lapsus$, Scattered Spider and and ShinyHunters).
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Medical information, names, email addresses, , Names, Addresses, Email Addresses, Phone Numbers, , email addresses, phone numbers, customer names, details of service support issues, , financial information, contracts, banking information, and Millions of records allegedly stolen.
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Telstra Database and website and .
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Silent Push (cybersecurity firm).
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were details of service support issues, Addresses, banking information, email addresses, Medical information, Phone Numbers, phone numbers, customer names, Email Addresses, contracts, names, Names, Millions of records allegedly stolen and financial information.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 30.8K.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Silent Push and Okta.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (infrastructure identified, breach success unclear).
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an Remote desktop software, Fake domains impersonating high-profile companies and SSO accounts (Okta).
What was the most recent reconnaissance period for an incident ?
Most Recent Reconnaissance Period: The most recent reconnaissance period for an incident was 30 days (domain registration).
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis ?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Static default password in remote desktop software, Vishing attacks, MFA manipulation, phishing kits, lack of awareness.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=telstra' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
