>
Optus, one of the largest telecommunications service providers in Australia, has suffered a data breach, exposing sensitive information about its customers, the company has confirmed.
In an official announcement, Optus said it began investigating “possible unauthorized access” to both current and former customer information after the cyber attack.
Whoever was behind the attack stole a lot of sensitive identity information from the company’s endpoints, including customer names, dates of birth, phone numbers and email addresses. Some customers have also exposed physical addresses, ID document numbers such as driver’s licenses or passport numbers. However, payment details and account passwords are safe.
Optus infringement
Optus did not disclose who was behind the attack, the threat actor’s motives, or how the systems were ultimately compromised (e.g. with phishing or malware). It did say it succeeded in shutting down the attack immediately.
It also declined to say how many customers may have been affected by the breach, but given the user base, the number could rise to around 10 million.
Important business services, such as mobile connectivity, home internet, messaging or voice calls are not affected. “Optus services remain safe to use and operate as normal,” the announcement said.
Since the attack, Optus has engaged the Australian Cyber Security Center to mitigate any potential risks to customers. The Australian Federal Police, the Australian Information Commissioner’s office and “key regulators” have also been notified of the attack.
“We are devastated to learn that we have been the victim of a cyber attack that resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it,” said Kelly Bayer Rosmarin, Optus CEO.
“As soon as we knew about it, we took action to block the attack and immediately launched an investigation. While not everyone may be affected and our investigation is not yet complete, we want all of our customers to be aware of what is happening. happened as soon as possible so that they can increase their vigilance. We are very sorry and we understand that customers will be concerned. Rest assured that we are working hard and cooperating with all relevant authorities and organizations to serve our customers as much as possible to protect.”
Through: TechCrunch (opens in new tab)