Optus breach: Personal information hacked in widespread cyberattack
‘One of the most serious cyberattacks’: Customer data exposed in Optus hack
By Nick Bonyhady
Updated September 22, 2022 — 6.16pm, first published at 2.36pm
KEY POINTS
Hackers have breached Optus’ systems in one of the largest cyberattacks in Australian history.
Up to 9 million of the telco’s customers may have had their contact details exposed to the hackers, putting them at risk of identity theft.
Early indications from Optus are that the hackers are based overseas but not in China.
Hackers have breached Optus’ systems in one of the largest cyberattacks in Australian history, accessing names, dates of birth, phone numbers, email addresses, physical addresses and driver’s licence numbers of millions of the telecommunications giant’s customers.
Well-placed sources not authorised to speak publicly said that up to 9 million customers had been affected. Many had their contact details exposed to the hackers, who also pilfered even more sensitive details, such as passport and drivers’ licence numbers, for a smaller portion of Optus customers.
Optus chief executive Kelly Bayer Rosmarin has apologised in the wake of the hack but declined to confirm its scale.
Depending on how much of the information the hacker or group have managed to extract, millions of Australians could be at risk of identity theft or fraud if the data is published, or Optus could receive a ransom demand.
Optus chief executive Kelly Bayer Rosmarin declined to say who was behind the attack, how it was executed or how many accounts were compromised because investigations are ongoing, but described it as a “significant number” that included current and former customers.
“Unfortunately, we became aware late yesterday that there was an unusual activity [on our network] that was a cyberattack,” Bayer Rosmarin said on the ABC. “We’re still really in the throes of investigating exactly what information has been accessed and working with all the authorities and others to try and determine who has access to them for what purpose.”
Optus’ services such as mobile and internet are still operating and safe to use, the company said in a statement on Thursday. There is no evidence so far that any payment details or account passwords were compromised or that stolen information has been published.
Early indications from the company are that the hackers are based overseas but not in China and that the hack used a vulnerability in an API – a common tool for computer systems to talk to each other – that has since been shut down.
Bayer Rosmarin apologised to customers who have been affected, said the company was working closely with law enforcement and emphasised it was notifying people early to ensure Australians could be vigilant.
“We are devastated to discover that we have been subject to a cyberattack that has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it,” she said.
“While not everyone may be affected and our investigation is not yet complete, we want all of our customers to be aware of what has happened as soon as possible so that they can increase their vigilance. We are very sorry and understand customers will be concerned.”
She said Optus was contacting customers at “high risk” and encouraged all to look out for unusual or fraudulent activity. Optus has also informed the Australian Federal Police, Office of the Australian Information Commissioner, financial institutions, government regulators and Australian Cyber Security Centre of the breach.
A spokesman for the commissioner’s office noted that, under law, organisations hit with a data breach must tell people “as quickly as possible” if it is likely to result in serious harm to them. The ACSC declined to comment.
Robert Potter, co-founder of cybersecurity company Internet 2.0, said Optus had done the right thing in disclosing the breach early because it let people respond quickly but added there was still substantial risk if the information gets out.
“The risk of it being on the dark web is around this being used for identity theft,” Potter said.
Former head of the Australian Cyber Security Centre Alastair MacGibbon cautioned that there is a difference between information being accessed and downloaded.
Alastair MacGibbon, a former head of the cyber security centre now with cybersecurity firm CyberCX, said Optus customers should be watchful for “where the criminals are essentially mimicking them, or stealing their identity, trying to obtain credit in their name, etcetera.”
“[Optus] might have already been contacted by criminals,” MacGibbon said on the ABC, though there is no indication that is the case. “We don’t know necessarily what the motives are.”
Liberal Senator James Paterson, a former chairman of the parliamentary committee overseeing Australia’s intelligence and security agencies, said it was vital to work out who was behind the attack.
“These very concerning reports represent one of the most serious cyberattacks ever suffered by an Australian business,” Paterson said.
Common motives in cyberattacks include industrial espionage, extortion threats or simply showing off. Hacking groups linked to national governments also sometimes use cyber crime for political ends.
Cyberattacks are growing in severity globally and locally. Recently transport firm Uber and the gaming giant Take-Two Games, which makes the multibillion-dollar Grand Theft Auto franchise, have been breached.
A spokesman for Cybersecurity Minister Clare O’Neil declined to answer specific questions, saying they should be directed to Optus, but noted there were more and more online attacks hitting Australian businesses.