‘Sophisticated attack’: Optus hackers used European addresses, could be state linked

Optus has confirmed up to 9.8 million customers’ personal details dating as far back as 2017 may have been accessed in a sophisticated cyberattack on the company that could have been executed by a crime gang or even a foreign state.

In a press conference on Friday, Optus chief executive Kelly Bayer Rosmarin said the attackers, who were discovered on Wednesday, hid their tracks by shifting their online location markers across an array of different European countries.

Optus has not said how many customers it has contacted about the breach.Credit:Kate Geraghty

“We’ve got the absolute worst case scenario number at 9.8 [million records accessed],” Bayer Rosmarin said. “But as I say we expect the number to be considerably less than that.”

Bayer Rosmarin would not say in a press conference how many customers the country’s second-largest telecommunications company had contacted about the breach or how it stored the customer data.

“The exact mechanics are subject to a criminal investigation and we won’t be divulging that,” Bayer Rosmarin said.

“The IP address [used by the hackers] kept moving. It’s a sophisticated attack. Safe to say it comes out of various countries in Europe. And in terms of the customer data, I think it dates back to 2017.”

She emphasised that the company had gone public with the breach quickly so that customers could be alert to scams or fraudulent requests and was continuing to investigate in conjunction with the Australian Cyber Security Centre, the government agency that responds to major digital incidents.

“No passwords or bank details were taken,” Bayer Rosmarin said. “So, there isn’t a simple message like update your passwords or talk to your financial institution.”

She declined to say how Optus would contact affected customers but said it would tell all customers “over the next few days” how much, if any, of their data had been stolen.

Small business customers may have been caught up in the breach but Optus has confirmed that its enterprise wing and other brands on its network, such as Coles Mobile and Amaysim, have not been affected.

A spokesman for Cybersecurity Minister Clare O’Neil declined a request to interview the minister, deferring to Optus on the breach. Her office has previously confirmed the cybersecurity centre is involved and pointed to rising online attacks against Australian businesses.

But opposition cybersecurity spokesman James Paterson questioned the government’s silence, saying Australians deserved to know what concrete actions authorities were taking to protect them.

“It’s time for the government to explain what steps they have taken in response to this serious incident,” Paterson said.

On September 17, a pseudonymous user on an online hacking forum purported to offer more than 1 million Optus phone numbers for sale. But other users have cast doubt on whether that database is related to the hack, suggesting it could have been compiled from other sources.

“We are still working to validate that that information is relevant and is even Optus data,” Bayer Rosmarin said.

More to come

Most Viewed in Technology

From our partners

Source: Read Full Article