In a worrying trend, a threat actor on the Dark Web is claiming to possess Optus' extensive database containing the personal details of 10 million customers, which could potentially be related to the data leak that occurred in September last year.
This purported database includes sensitive information such as email addresses, first names, last names and physical addresses.
The news first broke on Twitter via the account @DailyDarkWeb on July 31 and has since sent shockwaves through the cybersecurity community.
Renowned Australian cybersecurity expert, Troy Hunt, responded to the tweet with a measured statement, cautioning, “Claims. Time will tell if it’s genuinely Optus data.”
“Claims”. Time will tell if it’s genuinely @Optus data. https://t.co/VtE2UaWJEg — Troy Hunt (@troyhunt) July 31, 2023
Last September, the hack on Optus shook the nation, when the data of 11.2 million customers was held for ransom by the hacker.
However, in a quick turn of events, the hacker withdrew the ransom demand, apologised to Optus and the Australian people and claimed that the data had been destroyed.
Presently, authorities and cybersecurity experts are in the process of verifying the authenticity of the new claim.
The seller's motives remain unclear, and as of now, no evidence has been provided to substantiate the seller's allegations.
Optus has yet to officially comment on the matter, leaving customers and the public awaiting confirmation on the validity of the situation.
What happened last year?
Last September, Optus revealed that the breach in its systems exposed an unspecified number of customer names, dates of birth, phone numbers and email addresses.
Alarmingly, for a subset of customers, addresses and identity document numbers, such as driver’s licences or passport numbers, were also taken in the breach.
However, payment details and account passwords were not compromised in the attack.
Dark Web screenshots surfaced quickly after the attack, with an underground BreachForums user going by the moniker of ‘optusdata’ offering two tranches of data - one with 10 million records.
The hacker claimed to have records for about 11.2 million Optus customers, including their names, dates of birth, phone numbers, email addresses and, for a subset of customers, addresses and ID document numbers such as driver’s licence or passport numbers.
Subsequently, optusdata released 10,000 records to twist Optus’s hand in the negotiations and verify the legitimacy of the claims.