cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram

Deja vu: Optus suffers data breach from major cyber attack

Less than a year after it suffered one of the biggest cyber attacks in Australian history, Optus has announced that some of its data has been leaked.

user icon Daniel Croft
Mon, 03 Jul 2023
Deja vu: Optus suffers data breach from major cyber attack
expand image

The telco, which suffered from the first of the big three cyber attacks of the last 10 months alongside Medibank and Latitude Financial, has announced that some of its data had been leaked due to the HWL Ebsworth attack.

While Optus has not yet confirmed if the stolen data includes customer information and personal details, the hacked data includes information relating to an investigation by the Office of the Australian Information Commissioner (OAIC) into Optus that was launched in 2021.

This is a different investigation from the one the OAIC launched into Optus last year relating to the major data breach.

In a dialogue with the OAIC, Optus said that it was aware that it had been affected by the HWL Ebsworth breach. It is also working with the OAIC to determine “the extent to which Optus information has been affected in this data breach involving files held by HWL Ebsworth”.

The telco also said that it would review Optus documentation provided by HWL Ebsworth and contact those affected.

Optus was previously attacked back in September, leading to the data of roughly 11 million people being stolen.

The HWL Ebsworth attack occurred in April this year and has led to a large number of major organisations being affected, including the big four banks, federal and state government departments, and the OAIC.

The attack was launched by the Russian-backed ALPHV hacking group, which stole 1.45 terabytes of data from the law firm.

HWL Ebsworth has been contacted by the threat group with ransom demands to prevent the publishing of the stolen information.

According to CyberCX’s director of cyber intelligence and public policy, Katherine Mansted, attacking high-profile targets such as major organisations and government is in line with ALPHV’s threat pattern of “big game hunting”.

“They’re one of the most prolific threat actors in Australia and have been for some time since they first emerged on the scene,” she told the AFR.

“We have observed them compromise at least 14 Australian organisations, and a lot of those are in the professional services sector.

“It’s been quite deliberate about the targets that it attacks; professional services in a sector that ALPHV assesses as having some pretty sensitive information that it can hold at risk.”

ALPHV has been seen to be particularly brutal in its tactics by posting stolen data on the public internet rather than just the dark web as previous hacking groups have.

Despite this, HWL Ebsworth has maintained that it will not pay ransom and that its top priority is to protect the community and refuse to reward the activities of cyber criminals.

“We take our ethical and moral duties to the community very seriously. We consider we have a fundamental civic duty to not, in any way, encourage or be seen to condone the criminal activity of extorting money by taking and threatening the publishing of other people’s data,” the law firm told the ABC.

“The privacy and security of our client and employee data remains of the utmost importance. We acknowledge and understand the impact this may have, and we are communicating closely with our clients.”

Comments powered by CComment

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.