Tangerine

Have I Been PwnedConfirmed breachAdded February 28, 2024Occurred February 18, 2024243,462 accountstangerinetelecom.com.auAll Tangerine breaches →

What was exposed

Dates of birthEmail addressesNamesPasswordsPhone numbersPhysical addressesSalutations

What to do if you were affected

Change your password for this account, and anywhere you reused it. Turn on two-factor authentication.
Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
Watch for text-message phishing and SIM-swap attempts on your phone number.
Be wary of targeted scams that use your personal details to sound convincing.

Details

In February 2024, the Australian Telco Tangerine suffered a data breach that exposed over 200k customer records . Attributed to a legacy customer database, the data included physical and email addresses, names, phone numbers and dates of birth. Whilst the Tangerine login process involves sending a one-time password after entering an email address and phone number, it previously used a traditional password which was also exposed as a bcrypt hash.

Frequently asked questions

What is the Tangerine data breach?

When did the data breach happen?

This data breach occurred around February 2024.

How many accounts were affected?

Around 243,462 accounts were affected.

What information was exposed?

Exposed data included Dates of birth, Email addresses, Names, Passwords, Phone numbers, Physical addresses and Salutations.

What should I do if I was affected?

Change your password for this account, and anywhere you reused it. Turn on two-factor authentication. Expect more phishing and spam at this address. Treat messages that reference this company with extra caution. Watch for text-message phishing and SIM-swap attempts on your phone number. Be wary of targeted scams that use your personal details to sound convincing.

View on source ↗

Related breaches