Millions hit as Optus hacked
Passport details allegedly stolen
POLICE are investigating a massive hacking attack against Optus that may have compromised millions of customers, but the company’s boss has only offered an apology and a few words of advice.
Passport and driver’s licence numbers were among information allegedly stolen in the hacking.
Australian Federal Police have launched a probe after a referral from Optus about the alleged “mass data breach”.
“The AFP will work with Optus to obtain the crucial information and evidence needed to conduct this complex, criminal investigation,” the AFP said on Friday.
“The AFP’s specialist cyber command will work closely with a number of agencies, including the Australian Signals Directorate.”
Optus chief executive Kelly Bayer-Rosmarin apologised for the cyber intrusion in a
conference call on Friday, saying “it should not have happened”.
“I’m disappointed that we couldn’t prevent it,” she said.
“It undermines all the great work we’ve been doing to be a pioneer in this industry, be a challenger, and create new and wonderful experiences for our customers. I’m really sorry.”
The cyber breach could have wide-reaching consequences for both private and small business customers, Ms Bayer-Rosmarin said.
In an “absolute worst-case scenario”, 9.8 million customers were affected, although Ms Bayer-Rosmarin said authorities were still investigating the breach and the full impact was not yet known.
Unconfirmed screengrabs from a dark web hacker forum show cyber criminals claiming to have access to one million Optus phone numbers.
Ms Bayer-Rosmarin urged customers to be on the watch for suspicious contacts in the near future, fearing bad actors who accessed the stolen data could use it to place scam calls.
“What customers can do is just be vigilant,” she said. “It really is about increased vigilance, and being alert to any activity that seems suspicious or odd, or out of the ordinary.
“If somebody calls you and says they want to connect to your computer, and says to give them your password or let them in, don‘t allow that to occur.”
She said passwords and financial details had not been compromised.
Police urged everyone to harden their online security to help prevent falling victim to malware and scams.