Optus cyberattack: Authorities probe ransom demand

Personal information of nearly 10 million customers was taken

Optus cyberattack: Authorities probe ransom demand

Cyber

By Roxanne Libatique

Australian mobile-phone company Optus has confirmed that authorities are already investigating an online ransom demand following the major breach that exposed the personal data of nearly 10 million customers.

In a recent Bloomberg report, Optus CEO Kelly Bayer Rosmarin confirmed that the company is still trying to retrieve the data with the help of the police and cybersecurity officials – with the Australian Federal Police “all over” an online post indicating that customer details will be sold unless the company paid a ransom.

Home Affairs and Cyber Security Minister Clare O'Neil revealed that “basic personal information” (such as names, dates of birth, phone numbers, and email addresses) was taken from 9.8 million Optus customers and personal data (such as driving license and passport numbers) from 2.8 million customers.

“The scope for identity theft and fraud is quite significant,” O'Neil said, as reported by Bloomberg, emphasising that Australia's data and technology defences are years behind cyber criminals.

“We are probably a decade behind in privacy protections where we ought to be,” O'Neil said, as reported by Bloomberg. “We're about five years behind where we should be in cyber protections when it comes to how fast things are moving.”

Optus has assured that payment details and account passwords have not been compromised. However, it advised current and previous customers to have “heightened awareness,” including looking out for unusual or fraudulent activities or notifications.

Cyberattacks have been rampant since the COVID-19 pandemic started. In 2021, a cyber report found that security incidents remained high throughout the year, with four in 10 Australian businesses successfully breached. Australian IT leaders ranked ransomware, malware, and phishing or whaling as the leading sources of increased cyber security attacks.

In early 2022, a cyber risk index found that 76% of global organisations surveyed expect to be successfully breached for the rest of the year, with 25% claiming it is “very likely” to happen.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!