A hacker has breached Optus’ systems to access data that the telecommunications company said could include names, dates of birth, phone numbers, email addresses, physical addresses and passport numbers.
In a statement issued at 2pm on the Queens’ memorial public holiday, Optus said it had immediately shut down the attack when it discovered the breach and was working with the federal government’s Australian Cyber Security Centre.
It added that there was no evidence so far that any payment detail and account passwords had been compromised and was continuing to investigate the breach.
Optus chief executive Kelly Bayer Rosmarin apologised to customers and said she understood the concern they would feel.
“We are devastated to discover that we have been subject to a cyberattack that has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it,” Bayer Rosmarin said in a statement.
“While not everyone maybe affected and our investigation is not yet complete, we want all of our customers to be aware of what has happened as soon as possible so that they can increase their vigilance. We are very sorry and understand customers will be concerned. Please be assured that we are working hard, and engaging with all the relevant authorities and organisations, to help safeguard our customers as much as possible.”
Optus has informed the Australian Federal Police, Office of the Australian Information Commissioner, financial institutions and regulators of the breach.
“While we are not aware of customers having suffered any harm, we encourage customers to have heightened awareness across their accounts, including looking out for unusual or fraudulent activity and any notifications which seem odd or suspicious,” Bayer Rosmarin said.
The hack was discovered on Wednesday, an Optus spokeswoman said. There are no details yet on how many customers’ data was accessed, which hacking group was responsible, what data – if any – was taken, or what the group’s motives were.
Original Source link