Optus attack exposes customer information

By

Personal details of 1.1 million customers purportedly offered for sale.

Optus has suffered a cyber attack and data breach involving the details of potentially millions of customers, with “a subset” having their identity documentation exposed.

Optus attack exposes customer information

The Australian reported Thursday that “about 2.8 million” customers had personal details exposed in the attack, though Optus has not put any numbers out publicly on the impacted cohort.

Early on Friday, Emsisoft threat analyst Brett Callow posted a screenshot on Twitter that purported to show a database of 1.1 million Optus customers' details, comprising names, email addresses and mobile numbers.

It had been offered for sale since September 17. 

An Optus spokesperson declined to confirm the number to iTnews, saying an investigation is still underway.

The telco did not say when the attack and breach took place, nor offer any information on how it was detected.

A spokesperson told iTnews that Optus "went out with the media statement within 24 hours of establishing that customers' information had been compromised."

'Devastated'

CEO Kelly Bayer Rosmarin said the telco was “devastated to discover” the attack, which “has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it.”

"As soon as we knew, we took action to block the attack and began an immediate investigation,” she said.

“While not everyone may be affected and our investigation is not yet complete, we want all of our customers to be aware of what has happened as soon as possible so that they can increase their vigilance.

“We are very sorry and understand customers will be concerned.”

The telco said it is in the process of contacting impacted customers directly.

It added that data that “may have been exposed includes customers’ names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver's licence or passport numbers.”

It said account passwords and payment details “have not been compromised.”

Optus also said that its telecommunications services “remain safe to use and operate as per normal.”

More details emerge

Optus posted an FAQ late on Thursday evening that provided scant additional detail on the incident.

The telco did say that in response to the attack and data breach that it has "temporarily stopping SIM swaps and replacements, as well as change of ownership [activities]" by its "online, phone and messaging support teams".

"To protect our customers, these requests can be completed in any of our Optus Retail locations with relevant ID," it said.

Optus also confirmed that Amaysim, which is now owned by Optus, is not impacted.

It added that it has called in "the Australian Cyber Security Centre to mitigate any risks to customers" and "notified the Australian Federal Police, the Office of the Australian Information Commissioner (OAIC), and key regulators."

OAIC said in a statement of its own that it would "engage with Optus to ensure compliance with the requirements of the notifiable data breaches (NDB) scheme in accordance with our usual process."

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

BoM's seven-year technology transformation cost $866m

BoM's seven-year technology transformation cost $866m

Medibank allegedly missed EDR alerts before data breach

Medibank allegedly missed EDR alerts before data breach

ANZ joins NAB and CBA on ConnectID

ANZ joins NAB and CBA on ConnectID

James Cook University accelerates digital roadmap and cyber uplift

James Cook University accelerates digital roadmap and cyber uplift

Log In

  |  Forgot your password?