230,000 people were affected by a data breach at Tangerine, a telecommunications service provider.

On February 23, 2024, Australian telecommunications service provider Tangerine reported a data breach affecting approximately 230,000 people. Tangerine experienced a data breach that exposed the personal information of approximately 230,000 people.

The security breach occurred on Sunday, February 18, 2024, but Tangerine management did not learn of the incident until Tuesday, February 20, 2024. The telecommunications operator informed the Australian Cyber Security Center and the Office of the Australian Information Commissioner.

The communications service provider noted that financial information (credit or debit card numbers, banking data) was not compromised. The company also confirmed that the attack did not affect the availability or operation of their nbn® or mobile services.

"We can confirm that no credit or debit card numbers have been compromised as we do not store such information. No driver's license numbers, ID card details, bank details or passwords were disclosed as a result of this incident," reads a statement released by the company.

The compromised data includes full name, date of birth, mobile number, email address, mailing address and Tangerine account number.

"We took precautionary measures to fully revoke network and system access for individual user credentials, and changed all other team usernames and passwords. Access to the affected legacy database has also been closed," the statement continues.

The company has already notified affected individuals by email on Wednesday, February 21, 2024. The incident did not affect customer accounts that are protected by multi-factor authentication (MFA).