Australian energy provider AGL has been hit by a cyber incident on the “My Account” customer platform, affecting around 6,000 of it’s 4.2 million customers.
“Based on current analysis it appears malicious actors have used stolen credentials acquired externally (such as usernames and passwords used elsewhere by customers) to log into a number of customer accounts,” AGL said in a statement.
“We have communicated to potentially affected customers regarding the suspicious activity and to alert them to unusual activity on their account. As a precautionary measure, we have also placed a lock on these accounts while the incident is being investigated.”
AGL also advised that it is currently notifying customers with an email connected to their account of the breach. As the breach affected email addresses however, AGL is sending out postal communications to advise those customers affected.