Australia's Optus contacts customers caught in cyber attack

FILE PHOTO: A woman uses her mobile phone as she walks past in front of an Optus shop in Sydney, Australia, February 8, 2018. REUTERS/Daniel Munoz/File Photo

(Reuters) - Australia's number two telecommunications company, Optus, said on Saturday it was contacting customers about a cyberattack that accessed personal details of up to 10 million customers, in one of Australia's biggest cybersecurity breaches.

Chief executive Kelly Bayer Rosmarin said on Friday she was angry and sorry that an offshore-based entity had broken into the company's database of customer information, accessing home addresses, drivers licence and passport numbers of the equivalent to 40% of Australia's population.

In an update on Saturday, the company, owned by Singapore Telecommunications Ltd, said it was contacting "all customers to notify them of the previously announced cyberattack’s impact, if any, on their personal details".

"We will begin with customers whose ID document number may have been compromised, all of whom will be notified by today. We will notify customers who have had no impacts last," it said in a statement. "No passwords or financial details have been compromised."

Optus has said corporate customers appeared unaffected by the "sophisticated" hack, which it initially informed customers about on Thursday.

The Sydney Morning Herald on Saturday reported Optus was probing a threat to sell millions of customers’ personal information online unless the company paid $1 million in cryptocurrency to the hackers.

Asked about the report, an Australian Federal Police spokesperson told Reuters that police were aware of reports alleging stolen Optus customer data and credentials may be being sold through a number of forums "including the dark web".

Optus said as the attack was under police investigation it "cannot comment on certain aspects of the incident".

The company, declining to give details of how the attacker breached its security, has said the attacker's IP address - the unique identifier of a computer - appeared to move between countries in Europe.

(Reporting by Sam McKeith; Editing by William Mallard)

Article type: free
User access status:
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!


Next In Tech News

TikTok hit by US lawsuits over child safety, security fears
Tesla teasing a�robotaxi must leave�customers scratching their heads
Biden admin tells Supreme Court law protecting social media companies has limits
Slowing crypto startup funding may still surpass 2021 record - Pitchbook
Apple: Most iCloud data can now be end-to-end encrypted
Amazon sued in US for ‘stealing’ delivery driver tips
Exposure to White supremacist ideologies in online games surged in 2022
Musk's bankers mull new Tesla margin loans to slash Twitter debt - Bloomberg News
US man charged with taking nude photos of woman with smoke detector spy camera
North Korean hackers exploited Seoul Halloween tragedy to distribute malware, Google says

Others Also Read