Optus Breach Hackers Release 10,200 customer records in extortion scheme. Australian telecommunications company, Optus, was the victim of a cybersecurity incident on September 22, 2022. They immediately shut down the attack when they became aware.
Australia’s Federal Police is working to develop evidence and collaborating with other law enforcement officials after the Optus Breach.
Investigations are being launched to determine the criminals behind Optus Breach, to find solutions and shield Australians from identity fraud.
There is also a chance that the attackers could have released information about the breach voluntarily, asking for $1 million in return.
Optus is a wholly-owned subsidiary of Singtel. They have over 10 million subscribers. The Optus breach incident was not revealed when it happened.
The Optus breach could have exposed the names and personal information of customers such as their phone number, email address, ID document numbers such as a driver’s license or passport number. However, because Optus can’t confirm how many people were impacted by the breach, we will likely have to wait for more details from the company.
Paying customers may have had some of their information compromised, such as contact and account details, just for accessing the company’s website. These customers won’t be hurt financially.
Optus might be legally obligated to hold onto some of your personal information. Legal obligations may prevent the company from deleting it.
The company has not shared more details on how the hack occurred, but according to security journalist Jeremy Kirk, it involved accessing an unauthenticated endpoint named “api.www.optus.com[.]au.” that remains publicly accessible as early as January 2019.
Users that sign up for Optus should take care to secure any bank or financial account. They should also watch out for any scams or phishing attempts by monitoring their account.To help reduce the risk of identity theft, Equifax is offering its most at-risk current and former customers a free 12-month subscription to credit monitoring and identity protection services.
The Australian Competition and Consumer Commission (ACCC) recommends never clicking on links or providing personal information to people who contact you out of the blue.