Australian Telecoms company Optus discloses security breach

Australian telecoms company Optus disclosed a data breach, threat actors gained access to former and current customers.

Optus, one of the largest service providers in Australia, disclosed a data breach. The intruders gained access to the personal information of both former and current customers.

The company is a subsidiary of Singtel with 10.5 million subscribers as of 2019.

“Following a cyberattack, Optus is investigating the possible unauthorised access of current and former customers’ information.” reads the data breach notification. “Upon discovering this, Optus immediately shut down the attack.”

The company notified the Australian Cyber Security Centre which is helping it to mitigate any risks to customers. Optus has also notified the Australian Federal Police, the Office of the Australian Information Commissioner and key regulators.

Information that may have been exposed includes names, dates of birth, phone numbers, email addresses, Octus added that for a subset of customers, addresses, ID document numbers such as driver’s licence or passport numbers may have been compromised. Payment details and account passwords have not been exposed in the attack.

Optus services, including mobile and home internet, are not affected, and attackers did not access to messages and voice calls.

The company did not disclose details of the security breach.

“Optus has also notified key financial institutions about this matter. While we are not aware of customers having suffered any harm, we encourage customers to have heightened awareness across their accounts, including looking out for unusual or fraudulent activity and any notifications which seem odd or suspicious.” concludes the notification.

The experts warn current and former customers to be vigilant and monitor any suspicious activity.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, security breach)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.