“We are very sorry”: Optus in cyberattack
9 million Optus customers impacted by a cyberattack including names, dates of birth, phone, email and more.
- Published by David Knox
- on
- Filed under Subscription
Optus has announced its 9 million customers have been impacted by a cyberattack.
This presumably includes subscribers to its TV and Subhub platforms (there’s no advice to indicate mobile / web customers only).
“We are devastated to discover that we have been subject to a cyberattack that has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it,” said Kelly Bayer Rosmarin, Optus CEO.
“As soon as we knew, we took action to block the attack and began an immediate investigation. While not everyone maybe affected and our investigation is not yet complete, we want all of our customers to be aware of what has happened as soon as possible so that they can increase their vigilance. We are very sorry and understand customers will be concerned. Please be assured that we are working hard, and engaging with all the relevant authorities and organisations, to help safeguard our customers as much as possible.”
Following a cyberattack, Optus is investigating the possible unauthorised access of current and former customers’ information.
Upon discovering this, Optus immediately shut down the attack. Optus is working with the Australian Cyber Security Centre to mitigate any risks to customers. Optus has also notified the Australian Federal Police, the Office of the Australian Information Commissioner and key regulators.
Information which may have been exposed includes customers’ names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver’s licence or passport numbers. Payment detail and account passwords have not been compromised.
Optus services, including mobile and home internet, are not affected, and messages and voice calls have not been compromised. Optus services remain safe to use and operate as per normal.
“Optus has also notified key financial institutions about this matter. While we are not aware of customers having suffered any harm, we encourage customers to have heightened awareness across their accounts, including looking out for unusual or fraudulent activity and any notifications which seem odd or suspicious.”
To help protect against fraud, customers are encouraged to look to reputable sources such as:
For customers believed to have heightened risk, Optus will undertake proactive personal notifications and offering expert third-party monitoring services.
The most up to date information will be available via optus.com.au. For customers who have specific concerns, they can contact Optus via the My Optus App (which remains the safest way to interact with Optus) or by calling 133 937. Optus will not be sending links in any emails or SMS messages.
2 Responses
This is a serious matter and a bad fail for Optus, but fraud and scam phone calls and emails have escalated during the last two or more years and I note that Optus mobile numbers appear quite frequently, maybe telcos should get more proactive and start monitoring and blocking bot calls, just for a start.
I watched the 23 minute update from the CEO of Optus on ABC live on YouTube and she also referred to another fraud source help which was ID Care.org, the same source was referred to on Nine news YouTube channel, one of the guests being interviewed on Nine also suggested to still check bank accounts etc, just to be sure and credit rating sites as well incase loans have been applied for by the hackers using stolen IDs. Optus only bought in two step authentication on their app about 2 months ago. I had my Netflix account hacked, I was lucky I got onto Netflix and Optus as soon as I saw the transaction on my banking, and they traced the hacker who was in Zulia Venezuela. I don’t get why only recently Optus decided to use 2 step when Woolworths and Coles have been using step for a year or more. Scary to think a supermarkets more up with security than a major telco.