A cyber security expert has advised that millions of Optus customers whose personal information was taken in a cyber attack should be on high alert for ‘highly targeted’ scam text messages and emails in the coming days and weeks.
Gridware, a cyber security firm, told Daily Mail Australia that the type of data taken by hackers will be sold on the dark web to criminals who will likely use it to develop phishing scams that appear real.
Nearly 10 million Optus customers had their personal information compromised in a recent cyberattack.
Gridware, a cyber security firm, told the Daily Mail Australia that the type of data taken by hackers will be sold on the dark web to criminals who are likely to use it to develop phishing scams that appear real.
In the coming days, millions of Optus customers whose personal information was compromised in a cyberattack should be on high alert for ‘highly targeted’ scam text messages and emails.
The personal information comprised names, passport and driver’s license numbers, addresses, email addresses, birth dates, and telephone numbers.
Because they already have so much personal information, Gridware’s CEO and professor of cybersecurity, Ahmed Khanji, stated that criminals who purchase the data will be able to construct convincing-looking SMS messages and emails.
Prof. Khanji explained, “These messages will be sophisticated, targeted phishing attempts designed to convince you to click a link to pay a fee or a false invoice, or to provide additional information.”
They are significantly more credible than random texts claiming to be from the ATO and that the recipient owes money.
These messages will be sophisticated, targeted attempts to induce you to click a link to pay a fee or a false invoice, or to provide additional information. Prof. Khanji remarked
The messages may attempt to exert financial pressure on existing Optus customers.
People unaware that their information had been compromised may easily fall victim to the scams because any messages they received would quote back their personal information, including their residential address and date of birth.
He stated that Australian criminal networks, including bikie gangs, have participated in similar schemes in the past.
Because the facts are Australian, we anticipate that Australian crime syndicates could utilize this information to commit fraud and earn financial benefit through deception.
Kelly Rosmarin, the CEO of the telecommunications company, acknowledged that payment information and account passwords were not exposed, but she admitted she felt “awful” that the hack occurred under her watch.
He stated that the data would be sold via auction or a fixed cost on the dark web.
CyberCX’s chief strategy officer, Alastair MacGibbon, advised victims of the Optus intrusion to be on the lookout for crooks impersonating them.
They should investigate whether fraudsters are impersonating them, stealing their identity, or attempting to establish credit in their name, etc., he stated.
Previously, the CEO of Optus offered an impassioned apology for the cyber attack.
Kelly Bayer Rosmarin, the company’s CEO, acknowledged that payment information and account passwords were not exposed, but she admitted she felt “horrible” that the hack occurred under her watch.
She remarked with a glum expression, “I believe it’s a combination of various feelings.”
‘Of course I am unhappy that there are people in the world who wish to do this to our consumers, and I’m disappointed that we were unable to prevent it.
“I am deeply sorry and apologize. It should not have happened.’
Ms. Bayer Rosmarin further disclosed that the IP addresses associated with the hackers had moved throughout numerous European nations and that the breach was “sophisticated.”
She noted that it was too early to determine whether a criminal organization or another nation was behind the attack.
The potentially compromised information dates back to 2017.
Optus disclosed the categories of personal information that were compromised.
Optus has been criticized for taking nearly 24 hours to inform nearly 10 million customers that their personal information may have been compromised by hackers.
After apparently exploiting a vulnerability in the company’s firewall, hackers acquired the passport and driver’s license numbers, email and home addresses, dates of birth, and telephone numbers of 2.8 million clients.
The remaining seven million individuals had their birth dates, email addresses, and phone numbers compromised.
Optus was aware of the security incident on Wednesday but did not notify customers until Thursday.
What Optus has to say regarding the breach:
How did this come about?
Optus was subject to a cyberattack. We took swift action to thwart the hack, which targeted solely Optus customer data. Optus’ infrastructure and services, including mobile and home internet, have not been hacked, nor have messages or phone conversations. Optus services continue to be safe to use and operate normally.
Has the assault been halted?
Yes. Upon discovering this, Optus terminated the attack immediately.
We are now collaborating with the Australian Cyber Security Centre to mitigate any customer-related concerns. In addition, we have informed the Australian Federal Police, the Office of the Australian Information Commissioner, and other essential regulators.
Why did we approach the media before our customers?
The protection of our customers and their data is our top priority. This was the quickest and most efficient approach to warn as many current and former customers as possible so they could be watchful and watch for any suspicious conduct. We are now contacting consumers who have been directly affected.
What personal information may have been compromised?
Consumers’ names, birth dates, phone numbers, email addresses, and, for a subset of customers, ID document numbers such as driver’s license or passport numbers may have been compromised. Affected customers will be notified directly of the exposed information.
There is no disruption to Optus services, including mobile and home internet. Not compromised are messages, voice calls, invoices and payment information, or account passwords.
What steps should I take to protect myself if I believe I am a victim of fraud?
We are currently unaware of any customers who have been harmed, but we urge you to maintain a heightened level of vigilance across your accounts, including:
Observe any unusual or suspicious activity throughout your internet accounts, including your bank accounts. Make careful you quickly report any fraudulent activity to the relevant supplier.
Be on the lookout for communication from con artists who may have your personal information. This includes strange emails, texts, phone calls, and social media messages.
Never click on questionable links and never reveal your passwords, personal information, or financial information.
How can I get in touch with Optus if I suspect my account has been compromised?
If you feel your account has been compromised, you can notify us through the My Optus app – which remains the safest way to contact Optus – or by dialing 133 937 for consumer customers. The impact of the incident may cause wait times to be longer than usual.
If you are a business client, please call 133 343 or speak with your account manager.
How can I tell if I’ve been affected?
We are now reaching out to customers that have been directly affected.