iscover
ReporterShare this article on:
Powered by
MOMENTUM
MEDIA
Optus is contacting customers about the breach and prioritising those whose identification documents may have been compromised.
Amid warnings that scammers will try to profit from the massive Optus cyber attack, customers whose passport or driver's licence numbers were stolen in a massive data breach are being contacted by the telco.
Optus has also warned its text messages or emails to customers won't carry internet links and has made a note to ensure customers are well aware so if anyone sees a link, this could be a set up for a scam. “Please do not click on any links,” Optus said in a statement on Saturday.
According to the telco, these customers will be notified by Saturday, while those who aren’t affected will be last on the list to be contacted.
The Australian Federal Police (AFP) is also looking into reports that stolen customer data and identification numbers could be for sale through a number of forums, including the dark web.
A post on one data breach forum claimed two files containing customer information would be sold if a US$1 million ($1.53 million) ransom was not paid by Optus within a week.
"The AFP are using specialist capability to monitor the dark web and other technologies and will not hesitate to take action against those who are breaking the law," a spokesperson said.
Anyone who buys stolen credentials faces up to 10 years in prison.
The cyber attack could trigger a rush of scams by criminals, Optus noted, including phishing calls, emails and text messages.
"Given the investigation, Optus will not comment on the legitimacy of customer data claimed to be held by third parties and urges all customers to exercise caution in their online transactions and dealings.
"As the cyber attack is now under investigation by the Australian Federal Police, Optus cannot comment on certain aspects of the incident,” Optus has stated.
Optus vice president Andrew Sheridan described the hack on Friday as "very sophisticated".
While no passwords or financial details were compromised in the attack, some 9.8 million customers were impacted but human error was not to blame for the breach.
Optus, which began contacting millions of customers on Friday, has apologised for the breach.
The telco added that getting information out through news channels was the "quickest and most effective way" to alert customers and communicate the severity of the situation.
[Related: Wavelink strikes up new distribution partnership for Claroty's Medigate]
Be the first to hear the latest developments in the cyber industry.
