Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
Australian company Optus confirmed yesterday that the IDs of 2.1 million customers were compromised during last month’s cyberattack. The carrier released a press statement to provide an update on the situation.
Stolen Personal Data
Based on the extensive investigation with more than 20 Federal, State, and Territory government agencies and departments, Optus confirmed that:
- 2 million customers have had at least one number from a current and valid ID, and personal information compromised;
- Approximately 900.000 customers have had numbers relating to expired IDs compromised, in addition to personal information.
Having worked with government agencies to meticulously analyze the data for the company’s 9.8 million customers, Optus can confirm the exposed information did not contain valid or current document ID numbers for some 7.7 million customers.
However, all the 9.8 million customers of the company had other personal data exposed as a result of the attack, including email addresses, birth dates, or phone numbers. Optus has sent either emails or SMS to the customers that have had their current ID documents compromised, announcing to them that their documents have been compromised during the cyberattack and what should they do moving forward.
Customers whose driver’s license information was compromised can request a new driver’s license number to prevent fraudulent activities.
According to BleepingComputer, the threat actor originally demanded $1 million from Optus as ransom to not publish or sell the stolen data. After not receiving the payment, the hacker leaked the data of 10.000 customers on a hacking forum.
Threat Actor Apologizes
As per BleepingComputer, the hacker, feeling the pressure of law enforcement, apologized to Optus and its customers on a forum, claiming to have deleted all the stolen data.
Optus Hacker Apology (Source)
There is no way to determine whether the threat actor deleted the data or not, so all Optus users should be highly cautious that their data may be used in future fraud or phishing attacks.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.
Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.
