Current Optus Hack *Ransom Threat


You’ve probably heard that Optus has suffered a massive data breach, with hackers potentially gaining access to the personal information of millions of Australian customers. It’s one of the largest data breaches in Australian history, and the telco has confirmed that up to 9.8 million customers may be affected.

Optus first alerted customers and media to the cyberattack on Thursday afternoon after noticing suspicious activity on its network, which the telco says it shut down “immediately”. In addition to launching its own investigation, Optus has notified the Australian Federal Police and the Office of the Australian Information Commissioner, and is working with the Australian Cyber Security Centre to determine exactly how many customers could be impacted.

“While not everyone may be affected and our investigation is not yet complete, we want all of our customers to be aware of what has happened as soon as possible so that they can increase their vigilance,” Kelly Bayer Rosmarin, Optus CEO, said.

Hackers have been known to sell stolen information, particularly if an attack is financially motivated. However, Optus has not yet been able to confirm how much data has been exposed, or where that customer info may be circulating.

Fortunately, financial and payment details, account passwords, and voice calls and messages were not compromised, so data such as direct debit or credit card information remains safe. But both Optus and the Australian Competition and Consumer Commission’s ScamWatch branch have urged customers to watch out for signs of identity theft and, if needed, take extra steps to secure their accounts.

Meanwhile:

Someone wants $1 million in the Monero cryptocurrency from Optus to not sell the data to other people. Otherwise, they say they will sell it in parcels.


Optus investigates.

 
Claims that the data came from an insecure test database (that had a copy of lots of real data on it).


'A senior figure inside Optus has spoken to the ABC on the condition of anonymity to offer confidential insights into the early findings uncovered by the telecommunication company's IT specialists.

"[It's] still under investigation. However, this breach, like most, appears to come down to human error," the Optus insider told the ABC.

"[They] wanted to make integrating systems easier, to satisfy two-factor authentication regulations from the industry watchdog, the Australian Communications and Media Authority (ACMA)."

The process allegedly involved opening up the Optus customer identity database to other systems via what's known as an Application Programming Interface, with the assumption that the API would only be used by authorised company systems.

"Eventually one of the networks it was exposed to was a test network which happened to have internet access."

It's claimed this allowed access to the Optus network from outside the company.

Optus told the ABC suggestions the attack stemmed from any form of human error were completely inaccurate but insisted the "sophisticated" incident was still under investigation.

Earlier on Friday, the ABC put specific questions to Optus CEO Kelly Bayer Rosmarin about whether human error involving the company's API was behind the breach.

"I know people are hungry for details about the exact specificity of how this attack could occur, but it is the subject of criminal proceedings and so we will not be divulging details about that," Ms Bayer Rosmarin told an online media briefing.'
 


Hopefully they are not handing over all of the Optus customers' personal data to all of the banks!

Will they be handing it over to credit card and any other financial lenders and pay as you go lenders that are not "banks"?

'The ABC has been told the first step to occur will be directing Optus to hand over customer data to the banks so financial institutions can upgrade security and monitor customers who’ve had their personal details stolen.

Privacy protections currently prevent banks being immediately told about a cyber breach that's relevant to their customers.'


 
Lawyers may be lawyering up for a class action.

'By registering your interest below, we will provide you with updates on the progress of our investigation into any potential claim for compensation that may be available to persons affected by the data breach.'
 
You’ve probably heard that Optus has suffered a massive data breach

Referring to it as a cyberattack is now definitely a no-no.

The Federal Attorney General (Mark Dreyfus) is today rightly referring to it as a 'data breach'.

And the FBI is helping us with investigations.


'Mark Dreyfus says FBI also working on Optus data breach
The attorney general has also addressed the Optus data breach to say that the FBI has been called in to help:

The government, as well as the Australian Federal Police and other government agencies, are working closely together on the Optus data breach. The Australian Federal Police is taking this very seriously with a large number of officers involved, working with other Federal Government agencies and state and territory police and with the FBI in the United States and with industry.

I would also like to reinforce the message that has been given by the Privacy Commissioner publicly which is that all Optus customers should be vigilant. Do not click on any links in a text message.

Check all web site sources – just check that it is an official web site before taking any future action.

If you are unsure about why you are being asked to divulge private information, stop and verify who the person or organisation is that is making that request of you.

Finally, for affected Optus customers, I can say that the Office of the Australian Information Commissioner web site has further advice. Please visit oaic.gov.au and follow the prompts.
Updated at 11.47 AEST'
 


Our Ex-PC (Fuller, now a PWC crisis management consultant/expert) is touting Gladys as her replacement from a public spokesperson point of view in the current Optus crisis.

Not sure how well her style of communication in a crisis will go down outside of NSW.
Or in NSW either.

Interesting choice but Optus CEO should avoid any media or interviews. She cannot handle the situation.
 
I foresee Dan and Dom getting their heads together (just like old times), to come up with a pre-election solution to manage the anticipated high volume of requests for a new drivers licence number.

Could 'personal responsibility' be about to make a comeback?

From now on, you get to choose your own DL number.
Service NSW/Victoria Apps will have a new licence generator function to help if you can't think of your own number.
You can even use emoticons as part of your number.

And you will be able to make your own Drivers Licence too.
DIY kits to make your own will be available for concession card holders from pharmacists and Maccas.

Example: bfew1🌊2💩3🤮
 
'By registering your interest below, we will provide you with updates on the progress of our investigation into any potential claim for compensation that may be available to persons affected by the data breach.'

Here's a different legal firm's Class Action for this Event.


'Maurice Blackburn is investigating potential legal action against Optus over a major customer data breach involving millions of current and former Optus account holders.

What information has been compromised?

The compromised customer data includes customers’ names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver's license or passport numbers.

Am I affected?

If you are a current or former Optus customer you are eligible to register to receive updates about the investigation into any potential action and compensation which may be sought on your behalf.'

 
What a ****ing joke Optus are to ignore security in the name of cost saving.

Playing the victim is equally poor and they should instead have saved money by sacking CEO Kelly Bayer Rosmarin and a few others who have approved of such actions.
 
This is a good article on some of the likely impacts of this Optus debacle.
Well worth a read.

The 'real victims' of the Optus data breach
'The cost, the stress and inconvenience will likely be felt beyond Optus and its customers in ways the experts are just starting to define — perhaps even over international borders.'
 
Dumbest company in Australia.

Paid them $132 the other day and now they steal another $132 off me from an expired card. Then they tried to victim blame me as if it was my fault. They claim that they refunded me but I doubt it.

Just speaking to them on the phone lately makes you feel incredibly uneasy as if you’re not even speaking to an Optus employee.
 