Skip to main content
Skip to secondary navigation
Menu
Australian Government - Office of the Australian Information Commissioner - Home

iiNet investigation

Finalisation of iiNet investigation

6 March 2017

The Australian Information and Privacy Commissioner has finalised an investigation into an apparent data breach involving iiNet subsidiary Westnet.

The data breach had initially appeared to have occurred after a hacker compromised a Westnet legacy database containing the personal information of some Westnet customers, and offered the information for sale online. The Commissioner was concerned that this incident had revealed that some Westnet user passwords were stored in plain text.

In response to the investigation, iiNet confirmed that its own and WA police investigations had found no evidence of an unauthorised intrusion into the Westnet database. iiNet also conducted a number of actions including:

  • immediately shutting down the legacy database and migrating account details to another system where customer password details are stored with encryption.
  • undertaking a review of all iiNet’s customer databases and confirming that all customer passwords are stored in an encrypted form.

The Commissioner is satisfied that the matter has been adequately dealt with by iiNet.

Back to Contents

Privacy Commissioner investigates alleged iiNet data breach

26 June 2015

The Australian Privacy Commissioner has opened an investigation into an alleged data breach involving iiNet subsidiary Westnet. The data breach allegedly occurred after a hacker compromised a database containing the personal information of some Westnet customers, and offered the information for sale online.

iiNet is cooperating with the OAIC’s enquiries. The OAIC will publish a further statement at the conclusion of its investigation.

Back to Contents