Optus warns cyberattack may have exposed Australian client details

SYDNEY, Australia – Optus, the Australian unit of telecoms firm Singapore Telecommunications, said it was investigating the unauthorized access of customer details including home addresses, driver’s license and passport numbers, after a cyberattack.

Wireless carrier Optus said in a statement on Thursday, September 22, it had immediately shut down the attack after discovering it, and that payment details and account passwords had not been compromised.

Optus CEO Kelly Bayer Rosmarin said the company had notified Australian Federal Police after noticing “unusual activity.”

Bayer Rosmarin told ABC television the company will contact high-risk customers “quite soon,” and apologized for the incident.

She said names, dates of birth, and contact details had been accessed, “in some cases” the driving license number, and in “a rare number of cases the passport and the mailing address” had also been exposed.

Investigators are trying “to understand who has been accessing the data and for what purpose,” she said.

“Optus is working with the Australian Cyber Security Center to mitigate any risks to customers,” Optus said in the statement on its website.

Bayer Rosmarin said Optus had put all customers on high alert as a precaution.

The Australian newspaper reported that up to 9 million customers may have been affected. Optus told Reuters it could not confirm the number of customers impacted and was continuing to investigate.

“Optus has also notified key financial institutions about this matter. While we are not aware of customers having suffered any harm, we encourage customers to have heightened awareness across their accounts, including looking out for unusual or fraudulent activity and any notifications which seem odd or suspicious,” the Optus statement added.

“It is a significant breach by Australian standards,” the former National Cybersecurity Adviser, Alistair MacGibbon, told ABC television. – Rappler.com