The company has confirmed that Optus, one of Australia’s largest telecommunications service providers, has suffered a data breach by disclosing sensitive information about its customers.
In an official statement, Optus said it began investigating “possible unauthorized access” to both current and former customer information following the cyberattack.
Whoever was behind the attack stole a lot of sensitive identity information from company endpoints, including customer names, birthdays, phone numbers, and email addresses. Some customers also had physical addresses, ID numbers, such as driving licenses and passport numbers, exposed. However, your payment details and account passwords are safe.
The Optus breach
Optus did not disclose who was behind the attack, what the cybercriminal’s motives were, or how security was compromised (for example, by phishing or malware). He said he managed to stop the attack immediately.
He also declined to provide information on how many customers may have been hurt by the breach, but given the user base, that figure could be as high as around 10 million people.
Key company services such as cellular connectivity, home internet, messaging or voice calls have not been affected. “Optus services remain safe to use and operate according to the normal rules,” said the message.
Since the attack, Optus has launched the Australian Cyber Security Center to mitigate any threats to customers. The Australian Federal Police, the Office of the Australian Information Commissioner and “key regulators” were also notified of the attack.
“We are devastated to discover that we have fallen victim to a cyberattack that has exposed our customers’ personal information to someone who should not see them,” said Kelly Bayer Rosmarin, CEO of Optus.
“As soon as we found out about it, we took steps to block the attack and launched an immediate investigation. While not all may be affected and our investigation is not yet complete, we want all of our clients to be aware of what happened whenever possible so that they can increase their vigilance. We are very sorry and understand that customers will be concerned. Rest assured that we work hard and cooperate with all relevant authorities and organizations to best protect our customers.
By: TechCrunch (opens in a new tab)