Optus Falls Victim to Security Breach
Personal Details of Current and Former Clients Compromised.
Australian mobile operator Optus is investigating a security breach after they spotted “unauthorized access” to former and current customers’ personal data. Optus immediately shut down the attack and is currently working with the Australian Cyber Security Center to mitigate any risks to customers.
An official statement issued on Optus’ website informed users of the mobile operator of the cybersecurity incident. The event was also reported to the Australian Federal Police, the Office of the Australian Information Commissioner, and other significant regulators.
We are devastated to discover that we have been subject to a cyberattack that has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it.
Kelly Bayer Rosmarin, Optus CEO (Source)
What Data Was Accessed?
Optus claims that the security breach may have exposed a variety of client data, including phone numbers, email addresses, and dates of birth, as well as other details including residences, passport numbers, and information from driver’s licenses. The major financial institutions were also informed of the hack, even if the breach did not compromise the clients’ account passwords or financial information.
As soon as we knew, we took action to block the attack and began an immediate investigation… Please be assured that we are working hard, and engaging with all the relevant authorities and organizations, to help safeguard our customers as much as possible.
What Is Next for Optus?
Optus services, including mobile and home internet, are not affected, and messages and voice calls have not been compromised. Optus services remain safe to use and operate as normal. The customers affected by the attack will be contacted by the operator as soon as possible.
According to ZDNET, the Office of the Australian Information Commissioner (OAIC) confirmed that it was notified about the cybersecurity incident and is working with Optus to “ensure compliance” with the Notifiable Data Breaches rules. In the meantime, Optus encourages its customers to have heightened awareness of their accounts, look out for any suspicious or unexpected activity, not click on suspicious-looking links, and never disclose their passwords, and personal or financial information.
Optus is the second-largest telco company in Australia, with 10.2 million mobile subscribers reported in 2019.