You are currently viewing Hacker Behind Optus Breach Releases 10,200 Customer Records in Extortion Scheme

Hacker Behind Optus Breach Releases 10,200 Customer Records in Extortion Scheme

The Australian Federal Police (AFP) on Monday disclosed it’s working to gather “crucial evidence” and that it’s collaborating with overseas law enforcement authorities following the hack of telecom provider Optus.

“Operation Hurricane has been launched to identify the criminals behind the alleged breach and to help shield Australians from identity fraud,” the AFP said in a statement.

The development comes after Optus, Australia’s second-largest wireless carrier, disclosed on September 22, 2022, that it was a victim of a cyberattack. It claimed it “immediately shut down the attack” as soon as it came to light.

The threat actor behind the breach also briefly released a sample of 10,200 records from the breach – putting those users at heightened risk of fraud – in addition to asking for $1 million as part of an extortion demand. The dataset has since been taken down, with the attacker also claiming to have deleted the only copy of the stolen data.

Optus, which is a wholly-owned subsidiary of Singtel, is estimated to have over 10 million subscribers as of December 2019. The telco did not reveal when the incident took place.

Although Optus has not yet confirmed how many customers may have been impacted by the breach, it said the unauthorized access could have exposed their names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver’s license or passport numbers.

Optus Breach Data Leak

To make matters worse, information belonging to former customers are also said to have been affected, raising concerns about how long telecom providers should be required to retain such data. Payment details and account passwords, however, have not been compromised.

Read the full article here

News Room

Cybervizer is a blog and podcast site that focuses on the latest technology and cybersecurity topics that are impacting enterprises, both small and large. Join us to explore the most important trends in enterprise technology and cybersecurity today. Get true insights into the tech and trends that will impact you and your organization.