Optus Data Leak: PII of 10 Million Customers On Dark Web, Company Refutes Claims

Aug 1, 2023

The aftershocks of the Optus data leak refuses to die down. Almost a year after the ransomware attack on the Australian telecommunication company, information on Optus users have popped up on a breached data marketplace.

The authenticity of the 10 million users’ information from the alleged Optus data leak has not been confirmed yet.

Meanwhile, Optus has refuted claims that the data belongs to the company.

“Optus is aware that a third party claims to have Optus customers information for sale on the dark web. Our analysis indicates that this information is not taken from Optus,” said Andrew Sheridan, Optus Vice President Regulatory and Public Affairs.

“Optus has engaged with the Australian Federal Police regarding this criminal activity. We encourage customers to be vigilant.”

Optus data leak: The latest tranche

Screenshot of Optus data on sale (Photo: Falcon Feeds/ Twitter)

“A user on a hacking forum is allegedly selling a database comprising the personal information of 10 million Optus mobile customers from Australia,” Falcon Feeds, the Threat Intelligence Service tweeted. The Optus data leak tweet was posted with the following screenshot –

The dark web post from the unidentified seller was titled, “Australia Optus Mobile Numbers 10 Million 2023.”

The seller on the dark web claimed to have data from 10 million Optus mobile users. The information they were selling included the following –

First name
Last name
Address with city, state, and postal code
Date of birth
Mobile number
Last updated information
Source of data

Optus data breach 2022

Optus popped up on the cybersecurity news, when the company on 22 September 2022 disclosed the incident.

“We are devastated to discover that we have been subject to a cyberattack that has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it,” Kelly Bayer, Optus CEO said in the media release then.

The company suspected unauthorized users to have accessed customers’ addresses, and ID documents including driver’s license and passport numbers, read the Optus data breach media release.

At that time, it was suspected that the data of over 9 million Optus users was likely compromised.

Ransom note left by the person believed to be behind the breach

Hacker claims about the Optus data leak, 2022

Following the Optus cyber attack, an unidentified seller claimed to have data stolen from the company. They demanded a ransom of $1.5 million in Monero cryptocurrency.

They posted on the dark web that they had data of over 11.2 million customers. At that time, researchers confirmed that the data samples posted by the seller were genuine and aligned with the customer data of Optus.

Shortly, the Australian Federal Police initiated “Operation Guardian” with the aim of safeguarding both present and past Optus customers from identity theft and financial fraud.

The main focus of the federal police under this operation will be to address the 10,000 records that were compromised and shared on a data breach website earlier in the week.

These records contain sensitive information such as passport details, Medicare information, and driver’s license data.

Australian cybersecurity after Optus cyber attack

After the Optus cyber attack, the federal government decided to reform the cybersecurity of the nation. It was decided that banks would be informed after data breaches in the corporate world.

Australia’s Prime Minister Anthony Albanese was found saying on a local radio that the Optus hacking was a huge wake-up call. They felt the need to initiate reforms in communication at financial institutions about cyber attacks.

Australia’s Minister of Home Affairs Clare O’Neil met the Australian Signals Directorate and the Cyber Security Center to discuss the Optus data breach.

“I will have much more to say in coming days about the Optus cyber attack and what steps need to be taken in the future,” Clare said in a tweet.

Driver’s license issued to victims of Optus data leak

The Australian telecommunication spokesperson announced that the government was tracking the license holders who were affected by the Optus cyber attack.

In October 2022, Victorian license holders were assured that they would be issued new cards by the end of the year.

The Roads Corporation of Victoria VicRoads announced that the victims of the Optus data leak would be issued cards with an extra security number. The security codes secured the new cards similar to bank cards.

Australia Privacy Penalty Bill 2022

On November 9, 2022, the Albanese government passed the Privacy Penalty Bill which increased the penalties for severe and repeated privacy breaches on companies. The maximum penalty was increased from $2.22 million to either of the following

$50 million
Three times the value of benefit gained after exposing the data
30% of the company’s turnover

In February this year, an Australian scammer was nabbed and sentenced to 18 months in prison for misusing customer information from Optus data leak.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

Get Free Report & Network Analysis

Please check your email for the free report.