Significant customer data exposed in attack on Australian telco

2022-09-23 17:29

Australian telecommunications company Optus has fallen victim to a significant cyberattack and data breach.

Coming clean on Thursday, Optus said the attack exposed information including customers' names, dates of birth, phone numbers, email addresses, and - for some - physical addresses, ID document numbers such as driving license or passport numbers.

Optus CEO Kelly Bayer Rosmarin said the company was "Devastated."

Multiple entities such as the Australian Cyber Security Centre, the Australian Federal Police, and the Office of the Australian Information Commissioner have been notified or are working with Optus to lock down its systems, prevent future breaches, and find the culprits.

The Office of the Australian Information Commissioner said it was engaging with Optus to ensure it was compliant with the requirements of the Notifiable Data Breaches scheme.

The general response from Optus customers has been along the lines of "That's all well and good they notified OAIC, wish they notified me," and some are seeking further clarifications of what appropriate "Vigilance" includes.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/09/23/cyberattack_optus/

#attack #australian