Optus Hacked: Customers warned to check in with their banks after personal data exposed

Optus hacked; customers warned to check in with their banks after personal data exposed

Last Thursday, Optus alerted its customers of the security breach and confirmed that the attack was quickly identified and shut down. However, the telco’s 11 million customers have been urged by cyber security experts to be extra vigilant of potential threats over the coming weeks.

Types of personal data that had been compromised included home addresses, ID documents such as driver’s licences and passports, phone numbers and customer names.

Optus is working with the Australian Federal Police, Australian Signals Directorate, and Office of the Australian Information Commissioner to mitigate risk and find the culprit of the attack.

The telco has confirmed the attack did not compromise services such as mobile and home internet, payment details or account passwords. The company also verified that messages and voice calls had not been compromised and were safe to use as well.

Experts are concerned that the security breach could pave more ways to conduct social engineering attacks. This is when scammers might pretend to be an Optus representative and trick people into handing over sensitive data.

The Australian Cyber Security Centre (ACSC) had been notified of the incident according to a spokesman for Cyber Security Minister Clare O’Neil.

“The Australian Signals Directorate’s Australian Cyber Security Centre has seen broad targeting of Australians and Australian organisations, through rapid exploitation of technical vulnerabilities by state actors and cyber criminals seeking to exploit weaknesses and steal sensitive data.”

The Optus data breach has been dubbed as one of Australia’s largest cyber attacks in history. According to Optus, the type of information which may have been exposed includes:

  • Customers’ names
  • Dates of birth
  • Phone numbers
  • Email addresses

For a subset of customers compromised data include:

  • Addresses
  • ID document numbers such as driver’s licence or passport numbers
  • Optus says payment details and account passwords have not been compromised.

According to Sean Duca, vice president and regional chief security office for APJ at Palo Alto Networks the attack calls for an even stronger collaboration between the Australian government and the private sector to tackle the rise in cyber attacks.

If you would like more information on how to identify potential cyber security threats speak to one of our cyber security experts today.

Contact