Optus warns that Australian customer data could have been exposed as a result of a cyberattack

Australian company Optus says up to 10 million customers have been affected by cyberattacks

A woman talks on her cell phone as she walks past an Optus store in Sydney, Australia February 8, 2018. REUTERS/Daniel Munoz/File Photo

Register now and get FREE unlimited access to Reuters.com

SYDNEY, Sep 23 (Reuters) – Australia’s No. 2 telecommunications company Optus, owned by Singapore Telecommunications Ltd (STEL.SI), said it would contact 10 million customers whose identities were stolen through a “sophisticated” hack, but added that corporate clients were compromised.

Optus chief executive Kelly Byer Rosemary said she was outraged and sorry that an offshore organization hacked into the company’s customer database, gaining access to home addresses, driver’s license and passport numbers, in one of the largest cybersecurity breaches in the country.

Up to 9.8 million accounts could be compromised, equivalent to 40% of the Australian population, but “this is the absolute worst-case scenario (and) we have reason to believe that the number is actually less,” Bayer Rosemary said.

Register now and get FREE unlimited access to Reuters.com

Bayer Rosmarin said corporate customers were not affected and there is no indication that the attacker obtained the customer’s bank account details or passwords. Police and cybersecurity authorities are still investigating the attack, which Optus reported to customers on Thursday.

“We will specifically identify which customers (have been affected) and proactively contact each customer with clear explanations of what information of theirs has been exposed and stolen,” Bayer Rosmarin said at an online media briefing on Friday.

“I’m angry that there are people who want to do this with our clients. I am disappointed that we were not able to prevent this … and I am very sorry, ”she added.

She declined to give details of how the attacker compromised the company’s security system, citing an ongoing criminal investigation, but noted that the attacker’s IP address – a computer’s unique identifier – moves between unspecified countries in Europe.

As a major telecommunications company, Optus considered itself a target for cyberattacks and regularly fended off attempts to compromise its systems, but “this particular attempt is unlike anything we’ve seen before and, unfortunately, it was successful,” she said. .

Register now and get FREE unlimited access to Reuters.com

Reporting by Byron Kay; Edited by Lincoln Fist.

Our Standards: Thomson Reuters Trust Principles.

Leave a Comment

Your email address will not be published.