Optus Confirms Major Data Breach Affecting Sensitive Customer Information
Australian telco Optus has confirmed a significant data breach, with unauthorized access to sensitive customer information. The cyberattack, which occurred on Wednesday, September 21, has raised concerns about cybersecurity awareness and prompted calls for stronger measures.
Optus CEO Kelly Bayer Rosmarin has acknowledged the breach, revealing that names, dates of birth, phone numbers, email addresses, addresses, and ID document numbers may have been accessed. The company has not specified the number of impacted customers but is in the process of contacting them directly.
In response to the incident, Optus has paused SIM swaps, replacements, and change of ownership transactions to mitigate fraud risks. The telco is also working with various Australian agencies, including the Australian Cyber Security Centre, Australian Signals Directorate, Australian Federal Police, and the Office of the Australian Information Commissioner to address the situation.
Shadow Minister for Communications Sarah Henderson has described the breach as a 'wake-up call' for the new Albanese government. She has urged the government to strengthen cybersecurity measures to prevent such incidents in the future. Professor Ryan Ko, Chair of Cybersecurity at the University of Queensland, has emphasized the importance of companies' response to breaches and government regulation of data storage.
Optus customers are advised to remain vigilant and take necessary precautions to protect their personal information. While customer payment details and account passwords remain secure, and wholesale, satellite, and enterprise customers are unaffected, the breach serves as a reminder of the importance of robust cybersecurity measures in the USA and other states. The investigation into the breach continues, with the identity of the hacker group yet to be disclosed.
