Cyber-attack on wireless firm exposes data belonging to 40% of this country’s population

According to Reuters Australia’s second-largest wireless provider, Optus, has contacted customers about a data breach that exposed personal information belonging to as many as 10 million customers. The size of the compromised database makes this one of the largest cybersecurity breaches in the nation’s history. With 10 million subscribers, the large number of Australians affected equates to around 40% of the country’s population of 25.9 million people.

40% of Australia’s population could have had their personal data stolen in the Optus data breach

Information that may have been obtained by the bad actors involved includes the names, dates of birth, home addresses, phone numbers, email addresses, driver’s license numbers and passport numbers of those in the database. All that is known about the data breach is that it originated from an offshore entity. Optus CEO Kelly Bayer Rosmarin said she was saddened and angry by the cyber attack. The company said yesterday that it is trying to reach out to “all customers to notify them of the impact, if any, of the previously announced cyber attack on their personal details.”

“We will begin with customers whose ID document number may have been compromised, all of whom will be notified today,” Optus said in a statement. “We will notify customers who have not had any consequences lately. No passwords or financial details have been compromised.” The “sophisticated hack”, as the data breach was referred to by Optus, did not appear to affect business customers.

The CEO noted that many Optus customers are now concerned about the security of their personal information and are frustrated by the incident.

The authorities are investigating a possible lead. Sydney Morning Herald published a story yesterday that Optus received an extortion threat demanding it pay $1 million in cryptocurrency or the hackers would sell the personal information belonging to millions of customers. The Australian Federal Police told Reuters it is aware of reports that on the “dark web” and through other sources, Optus customer data and other “credentials” are available for purchase.

Optus noted that since the matter is under investigation by law enforcement, the amount of information it can release regarding this data breach is limited. The airline pointed out that the IP address belonging to the hackers moved between different countries in Europe. The wireless carrier suggested in a tweet that customers should keep an eye out for any unusual and suspicious activity on their accounts.

Optus subscribers should check their accounts for any strange or suspicious activity

The tweet said: “While we are not aware of any harm to customers, we encourage you to have a heightened awareness across your accounts, including being aware of unusual or fraudulent activity, as well as any messages that may seem strange or suspicious.” Optus currently has around 5.8 million active users, representing 21% of Australia’s

population. Telstra is the largest wireless provider in the country with close to 20 million subscribers.

David Emm, who works as a cybersecurity researcher for Kaspersky, said BBC that “it is good to see that Optus has said it will contact those it believes are affected and that they will not send messages in emails or via SMS [text] messages – this makes it clear to customers that any such messages they receive will be fake. It’s also reassuring that no passwords or payment details have been stolen.”

Emm added: “Nevertheless, customers should be aware of any fraudulent activity they see and should protect their online accounts with unique, complex passwords and by using two-factor authentication.”

In the US, hackers have chosen T-Mobile. The airline sought at least $500 million for customer compensation and to strengthen its internal security systems after more than 48 million past, present and potential T-Mobile customers had their personal data swiped. The attack on the nation’s second-largest wireless carrier occurred in 2021. To help customers who believed their personal information had been stolen, T-Mobile offered them two free years of McAfee ID Theft Protection Service.


Leave a Reply

Your email address will not be published.