Australian telecom service TPG announced recently that their legacy hosting service TrustedCloud was accessed by an unauthorized party. TPG purchased IntraPower in 2011 which also gave them access to TrustedCloud—the service is set to be decommissioned in August 2021, but some customers had not transitioned out if it yet. They believe the breach has only affected two of their customers that used the service and no others were involved. A portion of a statement made by TPG reads, “We have introduced measures to improve the security of the TrustedCloud service. Although we are confident this incident has not impacted our other environments, we have also increased the cybersecurity defenses across our entire business.” It appears that they will keep the TrustedCloud service operable until it has been decommissioned.
It’s unclear what TPG plans to do to secure their hosting services and how it was accessed in the first place. However, organizations should examine the third-party hosted solutions that they use for security issues and especially focus on any older or legacy services that have an end-of-life date approaching. Generally speaking, service providers don’t put as much effort into maintaining and improving older technology that doesn’t have a long life ahead of it, and it is much more likely that attackers will find ways to access those services through mistakes made in their implementation or weaknesses in the technology stack that the solutions are built on top of. It is recommended that vulnerability testing should be done regularly to help identify weaknesses in an organization’s own services, or with explicit permission from a third-party hosting provider if the service is hosted by a vendor.