Hackers pop submarine cable operator Pacnet, probe internal networks

Customer data should be safe, corporate IP not so much

8 Reg comments Got Tips?

Submarine cable and data centre operator Pacnet was breached last month by hackers rummaging through its corporate network accessing emails and administration systems.

Pacent was recently acquired by Australia's Telstra, which today disclosed the breach of a "critical server" and is now informing customers and regulators about the mess.

Telstra security chief Mike Burgess said there is no evidence that customer data is impacted but says it is not yet known what data if any was stolen.

"The initial point of compromise was the result of an SQL injection against a web application server and they exploited that to drop server code to do what they wanted to do next," Burgess told Vulture South.

"Beyond that we have no evidence of data leaving the network.

"We know they had access to the network. We don't know what they took, [and] we don't know where they went in terms of information sources so that's why we took the step to inform all of our customers so they can be aware of the facts."

Telstra learnt of the 3 April breach after it finalised its acquisition of the company on April 16th.

Global enterprise services group executive Brendon Riley says Pacnet made some security changes after the hack but not to Big T's standard.

"Pacnet had taken action to rectify the breach prior to [acquisition] completion," Riley says.

"Once we found out about it we took the time to further examine the Pacnet environment and add some additional monitoring and incidence response capability we felt were important to add and consistent with what we would want across our Telstra networks."

While customer information appears to be considered safe, the impact of the breach may not be known until forensic operations can rule out exfiltration of sensitive data.

SQL injection vulnerabilities are one of the most common scourges on the internet and can be exploited to disastrous effect.

The breach is unlikely to cause regulatory troubles for Telstra given its rapid and transparent response. ®


Biting the hand that feeds IT © 1998–2020