Nearly 280,000 iiNet customers have had their personal data compromised in a serious cyberattack.

The telco on Tuesday confirmed that customer email addresses, phone numbers and modem passwords were accessed by hackers.

The breach was discovered on August 16, prompting an urgent response and forensic investigation involving external cybersecurity experts.

Know the news with the 7NEWS app: Download today

“Upon confirmation of the incident, we acted quickly to remove the unauthorised access to the system, iiNet said.

“External IT and cyber security experts have been engaged to determine the full scope of accessed information.”

The hackers targeted the company’s order management system.

“Based on the current evidence from our forensic experts, it appears a list of email addresses and phone numbers was extracted from the iiNet system.

“The list contained around 280,000 active iiNet email addresses and around 20,000 active iiNet landline phone numbers, plus inactive email addresses and numbers.

“In addition, around 10,000 iiNet usernames, street addresses and phone numbers and around 1,700 modem set-up passwords, appear to have been accessed.”

However, iiNet said copies or details of customer identity documents, such as passports or driving licences, or credit card or banking information, do not seem to have been exposed.

“We unreservedly apologise to the iiNet customers impacted by this incident,” TPG Telecom chief executive officer Inaki Berroeta said.

The telco is urging customers to watch for phishing scams, reset passwords, and use multi-factor authentication.

iiNet said it is cooperating with federal cybersecurity agencies and will keep customers updated via its website and social channels.

“We are also liaising with the Australian Cyber Security Centre (ACSC), the National Office of Cyber Security (NOCS), the Office of the Australian Information Commissioner (OAIC) and other relevant authorities in response to this incident,” iiNet said.

A support hotline has been launched on 1300 861 036 for those affected.

In July, Qantas revealed that 5.7 million customer records were leaked when a third-party system used by an offshore call centre was hacked.