During my show with 6PR last night, I received information from someone familiar with the matter stating the following in response to my comments on air.
“The breach included names, addresses and phone numbers. No credit card details were on the server. 30000 customers have been sent an email tonight advising they were affected and need to change their password. You are correct that this was an old server that hadn’t been merged with iiNet’s customer base.”
This could indicate that the data breach may contain data that pre-dates the iiNet acquisition of Westnet in May 2008 showing that the data could be pretty low value in the general scheme of things.
No credit card details were involved in the breach and it is suspected that passwords may be stored in plain text format (no encryption) so the only real immediate risk is to Westnet subscribers that have not changed passwords since 2008/2009.
If you are a Westnet subscriber then it is advisable to change your Westnet password as well as any passwords associated with email or other accounts that may have had similar passwords to your old Westnet account.