Data leak
TPG Telecom / Australian Cyber Security Centre / ZDNet Australia
Incident Details
TPG Telecom, Australia’s second-largest telco (which acquired iiNet in 2015), disclosed on December 14 2022 that an unauthorised party had accessed its Hosted Exchange email platform. The attacker searched through the email accounts of up to 15,000 iiNet and Westnet business customers, looking for credential and financial information. TPG discovered the breach on December 13 2022 during an investigation. The attacker appeared to be searching for cryptocurrency-related information. TPG took the hosted Exchange environment offline and notified affected customers. The incident highlighted ongoing risks to legacy hosted email environments and the use of iiNet-branded services under the TPG umbrella.
Technical Details
- Initial Attack Vector: CWE-307: Improper Restriction of Excessive Authentication Attempts (credential-based unauthorised access to a hosted Microsoft Exchange service)
- Vendor / Product: Microsoft Exchange (hosted)
Timeline
- 2022-11-01 Breach occurred
- 2022-12-14 Publicly disclosed
- 2022-12-14 Customers notified