Jump to content
  • Optus confirms 2.1 million ID numbers exposed in data breach


    Karlston

    • 548 views
    • 2 minutes
     Share


    • 548 views
    • 2 minutes

    Optus confirmed yesterday that 2.1 million customers had government identification numbers compromised during a cyberattack last month.

     

    In a press statement released yesterday, the mobile carrier updated the information regarding the personal data of 9.8 million customers exposed during the attack.

     

    In an investigation, Optus confirmed that a total of 2.1 million customers had valid or expired ID document numbers exposed to the hackers.

     

    Of these 2.1 million customers, 1.2 million had at least one number from a current and valid form of identification compromised, and 900,000 had ID numbers exposed but from documents that are now expired.

     

    "Today's update helps provide more clarity for our customers," reads the press statement.

     

    "Having worked with government agencies to meticulously analyse the data for the company's 9.8 million customers, Optus can confirm the exposed information did not contain valid or current document ID numbers for some 7.7 million customers."

     

    However, all 9.8 million customers had other personal information exposed, including email addresses, date of birth, or phone numbers.

     

    Optus has sent SMS text messages to customers whose ID numbers were compromised in the cyberattack with information on their next steps.

     

    Customers whose driver's license details were compromised can request a new driver's license number to prevent identity theft or fraudulent activity.

     

    The threat actor had initially attempted to extort Optus with a $1 million ransom demand not to publish or sell the stolen data.

     

    After not receiving a payment, the hacker leaked the data of 10,000 customers on a hacking forum that included names, addresses, email addresses, phone numbers, and dates of birth.

     

    A few days later, feeling the pressure of law enforcement, the hacker apologized to Optus and its customers and claimed to have deleted all of the stolen data.

     

    forum-post(1).png

    Hacker apologizing to Optus  Source: BleepingComputer

     

    However, as there is no way to determine if the hacker actually deleted the data, all Optus users should assume that threat actors may use their data in future fraud or phishing attacks.

     

    Therefore, it is strongly advised to be wary of any emails claiming to be from Optus asking you to provide further information or login into your account.

     

    If you receive an email or SMS text claiming from Optus, directly log in to the company's site and review any messages there.

     

     

    Optus confirms 2.1 million ID numbers exposed in data breach

    • Like 2

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...