A cyber security expert has advised millions of Optus customers whose personal information was taken in a cyberattack to be on the lookout for “highly targeted” scam text messages and emails in the next days and weeks.
The sort of information that hackers steal will be sold on the dark web to criminals who would likely use it to develop phishing schemes that seem real, according to cyber security company Gridware, which spoke to Daily Mail Australia.
In a recent cyber assault, personal information from around 10 million Optus subscribers was stolen.
Names, passport and licence numbers, residences, email addresses, dates of birth, and phone numbers were among the personal information.
Because they already have so much personal information, the criminals who purchase the data will be able to produce convincing-looking SMS messages and emails, according to Gridware CEO and cybersecurity expert Ahmed Khanji.
According to Prof. Khanji, “These communications will be sophisticated, targeted phishing efforts aiming to persuade you click a link to pay a charge or a fake invoice, or fill out additional information.”
They are a lot more credible than chance communications that claim to be from the ATO and that the recipient owes money.
Most obviously, the mails could attempt to solicit money from current Optus customers.
Because any mails would repeat their personal information back to them, including residence address and date of birth, anyone who were unaware that their information had been stolen may easily fall for the frauds.
He said that similar frauds had previously been carried out by Australian criminal organisations, including bikie gangs.
“Whoever did this, they’re going to be interested in selling this data off,” the statement reads. “We’d expect that Australian criminal groups may utilise that information for fraud and gain financial benefit via deceit.”
He said that either via an auction or a fixed charge, the data will be sold on the dark web.
Cybersecurity company CyberCX’s chief strategy officer, Alastair MacGibbon, advised Optus hack victims to be on the lookout for imposters.
He advised them to check to see if somebody is imitating them, stealing their identity, attempting to get credit in their name, etc.
The Optus CEO already apologised profusely for the cyberattack.
Kelly Bayer Rosmarin, the company’s CEO, acknowledged that payment information and account passwords had not been stolen but said she felt “horrible” that the hack had occurred under her watch.
She remarked, looking dejected, “I guess it’s a combination of a lot of different feelings.”
Obviously, I’m upset that there are individuals out there who wish to harm our consumers, and I’m unhappy that we were unable to stop it.
“I’m sorry and I apologise deeply. It ought not to have occurred.
Additionally, Ms. Bayer Rosmarin disclosed that the hackers’ IP addresses had travelled to other European nations, indicating that the attack was “advanced.”
She noted that it was still too early to determine if a criminal organisation or another state was behind the assault.
The allegedly stolen information dates back to 2017.
Optus provided a summary of the different categories of stolen personal data.
After allegedly taking advantage of a hole in the company’s firewall, hackers acquired the personal information of 2.8 million clients, including their passport and driver’s licence numbers, email and home addresses, dates of birth, and phone numbers.
Their phone numbers, email addresses, and dates of birth were taken from the remaining seven million people.
Optus was aware of the intrusion on Wednesday but did not notify the public until Thursday.
Optus’ statements on the breach:
What led to this?
The target of a cyberattack was Optus. We acted promptly to stop the assault, which was exclusively directed at the data of Optus customers. Messages and phone conversations have not been compromised, and Optus’ infrastructure and services, including mobile and home internet, remain unaffected. Optus services continue to be safe to use and run normally.
Has the assault been halted?
Yes. When Optus realised this, the assault was immediately stopped.
To reduce potential dangers to clients, we are now collaborating with the Australian Cyber Security Centre. Additionally, we have informed the Australian Federal Police, the Australian Information Commissioner, and important regulators.
Why did we approach the media rather than our clients first?
Data security for our clients is of utmost importance to us. We took this action because it was the simplest and most efficient approach to warn as many of our current and previous clients as we could, allowing them to be watchful and keep an eye out for any strange conduct. Contacting clients who have been directly affected is currently being done.
What details about me may have been revealed?
Customers’ names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, as well as ID document numbers like those on a driver’s licence or passport, may have been exposed. Customers that are impacted will get immediate notification of the particular information stolen.
Mobile and home internet services from Optus are unaffected. Voice calls, text messages, payment information, billing information, and account passwords have not been hacked.
What can I do to safeguard myself if I believe I’ve been a victim of fraud?
Although we are not presently aware of any customers who have been harmed, we urge you to be more vigilant about all of your accounts, particularly:
Monitor all of your internet accounts, including your bank accounts, for any unusual or suspicious behaviour. Make careful to notify the relevant provider right once of any fraudulent activity.
Be on the lookout for correspondence from con artists who may obtain your personal information. This might apply to shady social media posts, emails, texts, or phone calls.
Never disclose your passwords or any other personal or financial information, and never click on links that seem dubious.
If I suspect my account has been hijacked, how can I get in touch with Optus?
The safest method to get in touch with Optus is still via the My Optus App, but you may also phone us at 133 937 if you’re a consumer client if you think your account has been hacked. Wait times might be greater than normal as a result of the cyberattack’s effects.
Contact your account manager or us at (133) 343 if you are a business client.
How can I tell if I’ve been affected?
Contacting clients who have been directly affected is currently being done.