Vocus ISP Dodo's email system breached on Friday

Some customers then impacted by SIM swapping. 

Vocus-owned ISP Dodo’s email system was breached on Friday last week, with some 1600 accounts accessed and a small number of customers then falling victim to SIM swapping.

The incident was disclosed via Dodo’s Facebook page on Sunday.

A spokesperson for Vocus confirmed the incident occurred on October 17, and that the telco had “progressively suspended email services temporarily for Dodo and iPrimus customers and restricted email services for Commander customers” in the aftermath.

“Our initial investigation has revealed unauthorised access to approximately 1600 Dodo email accounts, leading to unauthorised SIM swaps on 34 Dodo Mobile accounts,” the spokesperson said.

“We have worked with impacted customers to reverse these SIM swaps and we continue to monitor this situation.”

The SIM swaps were on-net, with the threat actor attempting to move mobile numbers to Dodo SIMs purchased in retail stores.

“The SIM swap involved the unauthorised party replacing a customer's active SIM with a different Dodo SIM purchased from a retail store using a standard industry process,” the spokesperson said.

“We have notified authorities of this fraudulent activity.”

Customers were asked to call the company “to set a new password for their email account.”

On social media, customers reported wait times of an hour to regain access to their accounts.

