On October 18, 2025, a significant cybersecurity breach impacted more than 1600 customers of Dodo and iPrimus in Australia, disrupting email and mobile services across the country. The attack, which was confirmed by Vocus, the parent company of both telcos, gave unauthorized access to customers’ email accounts and mobile numbers. The company made the announcement on Saturday, a day after the hack took place.
What Happened During the Breach?
The initial investigation showed that at least 1600 Dodo email accounts were accessed illegally, a spokesperson Vocus said. On top of this, 34 Dodo mobile accounts had unauthorized SIM swaps performed on them. These SIM swaps would enable the attackers to intercept messages and calls, posing a risk to sensitive customer details.
To contain the situation, Vocus has collaborated with impacted users in reversing the SIM swaps and suspended email services temporarily. The data on monitoring indicated a dramatic increase in outage reports by Dodo customers with 30 incidents reported during Saturday afternoon.
By Sunday morning, Vocus was able to restore email services. The company was confident that it is keeping a close eye on the situation and working with security authorities. It has also joined forces with IDCare in order to provide further assistance to the affected.
Impact on Customers and Network
The attack had its impact on email availability and mobile access for some of Dodo and iPrimus customers. These companies service more than 800,000 homes and businesses representing approximately 9.2% of Australia’s NBN market so the disruption was felt.
Customers faced temporary suspension of email, and customers who were targeted through SIM swaps could have their numbers hijacked by other people. Though the services were resumed soon, the episode raised security concerns about customer data in the telecom industry.
This incident follows a series of cybersecurity events in Australia’s telco sector. Just Last week, Qantas Airways revealed that up to 5.7 million customers’ data was exposed on the dark web. In August, iiNet also admitted that data of approximately 280,000 customers could have been hacked.
Response of the Company to the Incident
Vocus has released a statement assuring its clients of its resolve to fix the problem.
- Email services were resumed in 48 hours.
- Impacted customers were aided to reverse SIM swaps.
- The authorities and cybersecurity experts were informed.
- Periodic updates were provided via official websites and social media.
- Further protection and advice are being provided through IDCare.
The company asserted its continuing monitoring to confirm there is no more unauthorized activity.
Rising Concerns Over Telco Cybersecurity
This recent incident highlights the increasing cyber-security threats in the telecommunication sector. Telcos are prime targets for cyber-attacks as they handle customer information and communication networks, which are sensitive in nature. Breaches and outages have seen an uptick over the past several months, placing pressure on service providers to strengthen their cyber defenses.
For consumers, such incidents can result in inconvenience, financial loss, and loss of confidence in service providers. For telco operators, it raises very important issues of cybersecurity preparedness and resilience.
FAQs
How did Dodo and iPrimus customers suffer due to the breach?
There were approximately 1600 unauthorized accesses to email accounts and 34 mobile accounts accessed through SIM swaps. The email services were temporarily disabled but were eventually restored, and the company collaborated with affected customers to reverse the SIM swaps.
What steps are being taken to secure customers after the breach?
Vocus has restored services, reversed improper SIM swaps, alerted authorities, and provided assistance via IDCare. Vocus continues to monitor the situation closely to avoid future occurrences.