A cyberattack on one of Australia's largest telecoms companies could have accessed the personal information of as many as 9.8 million customers, in what one lawmaker called the most significant data breach in recent years. This is a huge concern for Australians, as it could potentially lead to identity theft and other problems. The telecom company is currently investigating the matter and has urged customers to change their passwords and take other security precautions.
Optus, an Australian unit of Singapore Telecommunications Ltd., said it is still investigating the source of a cyberattack that may have exposed customer information dating back to 2017. This information includes names, dates of birth, and phone numbers. The company first became aware of the breach on Wednesday, and is warning that some identity documents may also have been compromised.
Kelly Bayer Rosmarin, Optus's chief executive, said that the access of 9.8 million customer accounts is a worst-case scenario as investigators seek to define the extent of the breach. The breach has been referred to the Australian Federal Police.
According to a recent report, the number of people affected by the data breach may be smaller than initially thought. However, authorities are still working to determine the full extent of the damage.
Ms. Bayer Rosmarin said that, so far, the company hasn't received any ransomware demands following the cyberattack. "This is a sophisticated attack," she said. "The IP address keeps moving."
A spokesman for Cybersecurity Minister Clare O’Neil said the federal government’s Australian Cyber Security Centre was aware of the data breach. The Australian Federal Police said it would work with Optus “to obtain the crucial information and evidence needed to conduct this complex, criminal investigation.”
Australia has faced several attempts to access confidential data in recent years, prompting its leaders to increase investment to safeguard systems. In 2019, hackers sought access to the computer network in the country’s parliament, but were thwarted before confidential information was accessed. Scott Morrison, Australia’s prime minister at the time, said the attack appeared to be carried out by foreign agents.Australia has been the target of several attempts to access confidential data in recent years, prompting its leaders to increase investment in security systems. In 2019, hackers tried to break into the country's parliamentary computer network, but were stopped before they could access any sensitive information.
Prime Minister Scott Morrison said at the time that the attack appeared to be carried out by foreign agents.
James Paterson, shadow minister for cybersecurity with the opposition Liberal Party, said the apparent theft of so much personal information from Optus was particularly concerning. He called it the country’s most significant user-data breach in some time. Paterson said in a radio interview with the Australian Broadcasting Corp., “There’s certainly been other Australian-based companies that have been attacked, but none who hold so much personal detail of Australian users.”
Ms. Bayer Rosmarin said that Optus is legally obliged to retain customer data for six years, and that the company is working to identify which customers have been affected by the data breach. She said that all of the data affected by the breach is stored in Australia, and that the systems of Optus's parent company, Singtel, are unaffected.
As a leading independent research provider, TradeAlgo keeps you connected from anywhere.