Read Time:1 Minute, 54 Second
The Australian Federal Police (AFP) is investigating the cyber assault on Optus as 9.8 million customers were compromised.
The attack, according to Optus, might prompt fraudulent offers to sell consumer information online. A user on a data breach forum claimed they would offer two files with critical customer information for sale if a $1.53 million ransom is not paid within a week.
A file containing around 9.5 gigabytes of data was uploaded to the forum on Thursday and includes what appear to be 11.2 million lines of information, as well as 10 million lines of other data.
It is estimated that 9.8 million customers had their information stolen in Thursday’s “sophisticated” hack.
“We have engaged an independent cyber security firm to provide us with further forensic support, and we have also notified the Australian Cyber Security Centre,” said Kelly Bayer Rosmarin, Optus CEO.
“We understand that unauthorised access was made to two employee email accounts which contained customer information.”
The data available doesn’t account for those impacted by multiple services, but it’s estimated that over 11 million unique users will be affected.
A whopping 4 million leaked documents reportedly contain an identity document like a driver’s licence or passport. Also, these 4 million people have active Optus subscriptions.
The data dump also contains 2.4 million records with email addresses and physical addresses, 1.9 million with just physical addresses, 500,000 linked to dates of birth and 400,000 that include phone numbers.
Optus has notified the Australian Cyber Security Centre (ACSC), the Office of the Australian Information Commissioner, and law enforcement authorities.
Rosmarin also said, “We have taken immediate steps to contain the incident, including resetting affected customer passwords, notifying relevant regulators, and increasing our monitoring and detection capability.”
“We have also engaged an independent cyber security firm to provide further forensic support.”
The telco is urging customers to be vigilant of scammers and to report any suspicious activity to the police.
“Optus remain committed to delivering a safe and secure environment for our customers and will continue to work closely with authorities as the investigation progresses,” Rosmarin concluded.
Customers have been advised to change their passwords and security questions and to be alert for scam emails, calls or texts.
Happy
100 %
Sad
0 %
Excited
0 %
Sleepy
0 %
Angry
0 %
Surprise
0 %
0
0
