Australia’s second-largest telecommunications provider, Optus, has revealed it suffered a cyber attack that may have accessed customer data. However, the company said the attack did not affect the platforms and services supporting wholesale, satellite and enterprise customers, as well as those of enterprise customers. Mobile and home internet services are also unaffected.
Suspicious activity was spotted on Wednesday, with Optus issuing a media statement on Thursday afternoon, which was a public holiday.
What Optus knows about the breach
The current 9.8 million “potentially” affected customers are the worst-case scenario, Optus chief executive Kelly Bayer Rosmarin told a media conference on Friday. This equates to around 37% of Australia’s population. In its latest financial report, Optus revealed it had more than 10 million mobile customers as of March 31, 2022.
Not only are current Optus mobile users affected, the company said even former customers’ data dating back to 2017 may have been accessed in the cyberattack.
No financial data and no passwords or images of customer documents were stolen in the cyberattack, Bayer Rosmarin said. What Optus believes has been accessed by cyberattacks so far includes names, dates of birth, phone numbers, email addresses and, for a subset of customers, addresses, ID numbers such as driving license or passport numbers .
Optus works with the Australian Cyber Security Centre
Upon discovery, Optus immediately terminated the attack and notified the Australian Federal Police (AFP), the Office of the Australian Information Commissioner and key regulatory authorities, and worked with the Australian Cyber Security Center to mitigate risks to customers.
Under the notifiable data breach scheme, Optus must notify the ACSC “as soon as practicable and no later than 30 days after being notified of a breach”, and those affected with recommendations on what to do. Optus decided the best course of action was to alert the media first while it investigated the attack to get information to customers more quickly.
Optus’ chief executive said the telco would inform all customers about the cyberattack, starting with those who had access to a larger amount of data. The telco is currently investigating the exact mechanics of the “sophisticated” attack and said Optus stores all its data in Australia.
Meanwhile, the AFP wrote in a statement that it was an alleged “mass data breach”. He also said he would work with Optus to obtain the important information and evidence needed to conduct this “complex criminal investigation”. Optus declined to comment on its cyber security operations and said the AFP had asked Optus not to “discuss certain details as it could compromise their ability to find the bad actor”.
Optus warns of possible fraudulent attacks
Optus is urging customers to be aware of possible scams following this cyber attack. Rosemary said that although the telco had chosen to inform those affected, Optus would not send any links in its communication.
The Australian Competition and Consumer Commission’s Scamwatch has warned Optus customers may be at risk of identity theft and should take “urgent action to prevent harm”.
Optus asked customers to take the following steps:
- Be on the lookout for any suspicious or unexpected activity in your online accounts, including your bank accounts. Be sure to report any fraudulent activity to the appropriate provider immediately.
- Beware of contact from scammers who may have your personal information. This may include suspicious emails, text messages, phone calls or social media messages.
- Never click on links that look suspicious, and never provide your passwords or personal or financial information.
Copyright © 2022 IDG Communications, Inc.
https://www.csoonline.com/article/3674810/a-third-of-australian-population-likely-affected-in-optus-cyberattack.html#tk.rss_news
