The hackers behind the Optus attack have allegedly apologised for the incident and deleted the stolen data.
The personal details of over 10 million Australians were stolen and the perpetrators had originally demanded $1M in ransom not to release the information.
A Sydney man was reportedly arrested for questioning regarding the attack on Thursday October 6.
WATCH BELOW: What you should do as an Optus customer after the data breach
“A Sydney man has been arrested over an alleged SMS scam using information obtained in the Optus data breach, the Australian Federal Police have confirmed,” KIIS 106.5 FM’s newsreader announced.
“AFP Assistant Commissioner: Cyber Command will address the media this afternoon to provide details of all the arrests.”
“Too many eyes. We will not sale [sic] data to anyone. We cant if we even want to: personally deleted data from drive (only copy),” the alleged hacker’s posted on an online forum.
Authorities have been unable to confirm if the post is genuine.
The Australian Financial Review is reporting the information of more than 10,000 Optus customers were released before the attackers’ apparent about-face so unfortunately no one can rest easy just yet.
If you have signed up to an Optus service at any time since 2017 then you should be concerned about your information being released.
Here’s how to know if your data has been breached and what to do about it.
What data has been breached?
The data stolen in the Optus breach is extensive. The following information is believed to be compromised for some of the telco’s users.
- Names
- Dates of birth
- Phone numbers
- Email addresses
- Street addresses
- Drivers licence details
- Passport numbers
Optus has assured customer’s payment details and account passwords were not affected, however this doesn’t mean customers are in the clear.
Only a small amount of personal details are needed for a thief to steal your identity.
How to know if your data has been breached?
Over 10 million customers have had their data stolen and it’s not just current customers. Anyone who has signed up to an Optus service between 2017 and now is at risk.
Optus has already sent out an email to all customers regarding the attack – but this doesn’t mean your data has definitely been compromised. If you are at a heightened risk, Optus will contact you directly.
If you believe your data has been compromised you should contact Optus through their app (this is the way Optus recommends getting in touch) or call the telco on 133 937.
Optus has said it will not send any links by email or SMS so if you receive any claiming to be from Optus, do not click on it.
Computer savvy users would know that the website HaveIBeenPwned.com is the best way to find out if your information was leaked in a data hack.
[NB: “pwned” is gamer slang for being embarrassingly beaten, in this case if you turn up “pwned” on the website it means your data has been leaked.]
Unfortunately it won’t work this time. The website operates like a large search engine meaning the site operator needs to upload the leaked information to the site.
The cyber security professional who maintains the site, Troy Hunt has said he will not upload the data from the Optus hack because it would give users an inaccurate answer.
“The biggest reason not to load the data though is that the leaked 10.2k records represents only a tiny portion of the total corpus of records. 99.x% of people people impacted by the breach would get back “not pwned” (at least not in Optus), and that’s misleading and confusing,” Troy wrote on Twitter.
What should I do about the Optus data breach?
Firstly customers should change all online account passwords and, if you haven’t already, set up multi-factor authentication for online banking and your email accounts.
Keep a close eye on your finances. Check bank statements regularly and request a credit report to ensure no one has fraudulently taken out a loan in your name.
The Office of the Australian Information Commissioner (OAIC) says you can request a ban on your credit report if you suspect fraud.
If you’re concerned about your licence or passport number being compromised, unfortunately there isn’t much you can do unless someone has already tried to use your data.
In Victoria, drivers can only apply for a new licence if they have evidence of attempted fraud.
Similarly, in NSW drivers must “report the theft or incident to police and obtain a police event or ReportCyber receipt (CIRS) number”. NSW Service Minister Victor Dominello has advised Optus customers to apply for a replacement licence.
Queensland, Tasmania, WA, SA and the territories are yet to advise customers on what they can do about changing their licence number.
How might the stolen data be used?
The biggest risk to customers is that their information may be used to fraudulently take out loans or apply for credit cards.
Although Optus maintains financial records were not stolen, another risk is that thieves may be able to use the leaked information to break into the online banking accounts of victims.
The most likely use of the information, and the one customers have already experienced, would be to perpetrate additional scams through text and email.
The Commonwealth Bank of Australia has already confirmed it has blocked an account used in a scam to extort $2,000 from victims of the Optus attack.
Victims were receiving SMSes demanding the money or “your information will be sold and used for fraudulent activities within 2 days”.
Other common SMS scams have also ramped up in recent days such as those claiming to be from the Australian Post.
It is important that Optus customers remain highly vigilant of any suspect text messages or emails they recieve. Where possible contact business directly instead of clicking links in messages.
You can register fraudulent SMSes by forwarding them to Scamwatch on 0429 999 888.
Has the Optus hacker been caught?
Not yet. But the investigation is ongoing even after the ‘apology’.
Optus and the Australian Federal Police are both investigating and the FBI in the United States has been called in to assist.
If you’re concerned about your data being breached, the OAIC and Scamwatch websites have plenty of resources.
WATCH BELOW: Watch Out, New Parents: Internet-connected Baby Monitors are Being Hacked
