Telecommunications giant Optus is investigating a cyberattack on its systems that may have compromised the personal information of current and former customers, possibly affecting millions of Australians' data security.
In a statement, the company revealed that the breach exposed an unspecified number of customer names, dates of birth, phone numbers, and email addresses.
Alarmingly for a subset of customers, addresses and identity document numbers, such as driver’s licenses or passport numbers, were also taken in the breach.
However, payment details and account passwords were not compromised in the attack.
Optus says that it has shut down the attack and is working with the Australian Cyber Security Centre to mitigate any risks to customers.
The company is yet to reveal how the hackers were able the access its systems.
Hi, we are working closely with the Australian Cyber Security Centre, key regulators and authorities to mitigate any risks to customers. We also notified the Australian Federal Police and financial institutions.(1/3)— Optus (@Optus) September 22, 2022
Customers warned to increase vigilance
Optus CEO Kelly Bayer (ETR:BAYGN) Rosmarin said: "We are devastated to discover that we have been subject to a cyberattack that has resulted in the disclosure of our customer's personal information to someone who shouldn’t see it.
"As soon as we knew, we took action to block the attack and began an immediate investigation.
“While not everyone maybe affected and our investigation is not yet complete, we want all of our customers to be aware of what has happened as soon as possible so that they can increase their vigilance.
“We are very sorry and understand customers will be concerned.
“Please be assured that we are working hard, and engaging with all the relevant authorities and organisations, to help safeguard our customers as much as possible."
Am I affected?
Optus is in the process of contacting customers who have been directly impacted by the data breach.
The company claims that it is not aware of any customers who are directly in harm's way, however, Optus encourages heightened awareness across all fronts for its customers, which include:
- Look out for any suspicious or unexpected activity across your online accounts, including your bank accounts. Make sure to report any fraudulent activity immediately to the related provider.
- Look out for contact from scammers who may have your personal information. This may include suspicious emails, texts, phone calls or messages on social media.
- Never click on any links that look suspicious and never provide your passwords or any personal or financial information.
While we are not aware of customers having suffered any harm, we encourage customers to have heightened awareness across their accounts, including looking out for unusual or fraudulent activity and any notifications which seem odd or suspicious.”