What hackers who stole personal details of nearly 10 million Optus customers could do with the information – here are the scam messages you might receive
- Nearly 10 million Optus customers had personal details taken in cyber attack
- Cyber security consultancy Gridware warned scam SMS messages could follow
- Fake messages may quote back your personal details, ask you to pay at a link
- CEO Kelly Rosmarin admitted she felt ‘terrible’ it happened under her watch
Millions of Optus customers whose personal details were stolen in a cyber attack should be on high alert for ‘highly targeted’ scam text messages and emails in the coming days and weeks, a cyber security expert has warned.
Cyber security consultancy Gridware told Daily Mail Australia that the type of data stolen by hackers will be sold on the dark web to criminals who are likely to use it to create authentic-looking fraudulent phishing scams.
The personal data included names, passport and drivers’ licence numbers, addresses, email addresses, dates of birth and phone numbers.
Ahmed Khanji, Gridware’s CEO and a professor of cybersecurity, said the criminals who buy the data will be able to create convincing-looking SMS messages and emails because they already have so much personal information.
‘These messages will be advanced, targeted phishing attempts trying to get you to click a link to pay a fee or a fraudulent invoice, or fill out more details,’ Prof. Khanji said.
‘They are far more believable than random messages saying “I’m from the ATO, you owe money.”’
The messages could most obviously try to pressure existing Optus customers for money.
People unaware their details had been stolen could easily fall for the scams because any messages would quote their personal details back to them – including residential address and date of birth.
He said Australian criminal networks, including bikie gangs, have previously been involved in similar scams.
‘Whoever did this, they’re going to be interested in selling this data off and because the details are Australian, we’d suspect Australian crime gangs could use that information for fraud gaining financial advantage by deception.’
He said the data would be sold on the dark web, either by auction or a flat fee.
Alastair MacGibbon, who is chief strategy officer at cyber-security firm CyberCX, said Optus hack victims also need to watch out for criminals impersonating them.
‘They should be looking for whether criminals are mimicking them, or stealing their identity, trying to obtain credit in their name … etc,’ he said.
Earlier the Optus CEO issued an emotional apology after the cyber attack.
The company’s boss Kelly Bayer Rosmarin confirmed payment details and account passwords had not been compromised but admitted she felt ‘terrible’ the breach had happened under her watch.
‘I think it’s a mix of a lot of different emotions,’ she said, looking downcast.
‘Obviously I am angry that there are people out there that want to do this to our customers, I’m disappointed we couldn’t have prevented it.
‘I’m very sorry and apologetic. It should not have happened.’
Ms Bayer Rosmarin also revealed that the IP addresses linked to the hackers had moved around various European countries, and that it was a ‘sophisticated’ breach.
She added it was too soon to tell whether a criminal organisation or another state was responsible for the attack.
The data that was potentially stolen dates back to 2017.
Optus revealed the breakdown of the types of personal information stolen.
Optus has been called out for waiting nearly 24 hours to tell close to 10 million customers their personal details had potentially been stolen by hackers
Hackers stole 2.8 million customers’ passport and drivers licence numbers, email and home addresses, dates of birth and telephone numbers after reportedly exploiting a weakness in the company’s firewall.
The remaining seven million had their dates of birth, email addresses and phone numbers stolen.
Optus knew about the breach on Wednesday but didn’t alert customers until Thursday.
What Optus has said about the breach:
How did this happen?
Optus was the victim of a cyberattack. We immediately took action to block the attack which only targeted Optus customer data. Optus’ systems and services, including mobile and home internet, are not affected, and messages and voice calls have not been compromised. Optus services remain safe to use and operate as per normal.
Has the attack been stopped?
Yes. Upon discovering this, Optus immediately shut down the attack.
We are now working with the Australian Cyber Security Centre to mitigate any risks to customers. We have also notified the Australian Federal Police, the Office of the Australian Information Commissioner, and key regulators.
Why did we go to the media first instead of our customers?
The security of our customers and their data is paramount to us. We did this as it was the quickest and most effective way to alert as many current and former customers as possible, so they could be vigilant and monitor for any suspicious activity. We are now in the process of contacting customers who have been impacted directly.
What information of mine may have been exposed?
The information which may have been exposed includes customers’ names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver’s license or passport numbers. Customers affected will be notified directly of the specific information compromised.
Optus services, including mobile and home internet, are not affected. Messages, voice calls, billing and payments details, and account passwords have not been compromised.
What should I do to protect myself if I suspect I am a victim of fraudulent activity?
We are not currently aware of any customers having suffered harm, but we encourage you to have heightened awareness across your accounts, including:
- Look out for any suspicious or unexpected activity across your online accounts, including your bank accounts. Make sure to report any fraudulent activity immediately to the related provider.
- Look out for contact from scammers who may have your personal information. This may include suspicious emails, texts, phone calls or messages on social media.
- Never click on any links that look suspicious and never provide your passwords, or any personal or financial information.
How do I contact Optus if I believe my account has been compromised?
If you believe your account has been compromised, you can contact us via My Optus App – which remains the safest way to contact Optus – or call us on 133 937 for consumer customers. Due to the impact of the cyberattack, wait times may be longer than usual.
If you are a business customer, contact us on 133 343 or your account manager.
How do I know if I have been impacted?
We are in the process of contacting customers who have been directly impacted.