Optus, one of the largest service providers in Australia, disclosed a data breach. The intruders gained access to the personal information of both former and current customers.
The company is a subsidiary of Singtel with 10.5 million subscribers as of 2019.
“Following a cyberattack, Optus is investigating the possible unauthorised access of current and former customers’ information.” reads the data breach notification. “Upon discovering this, Optus immediately shut down the attack.”
The company notified the Australian Cyber Security Centre which is helping it to mitigate any risks to customers. Optus has also notified the Australian Federal Police, the Office of the Australian Information Commissioner and key regulators.
Information that may have been exposed includes names, dates of birth, phone numbers, email addresses, Octus added that for a subset of customers, addresses, ID document numbers such as driver’s licence or passport numbers may have been compromised. Payment details and account passwords have not been exposed in the attack.
Optus services, including mobile and home internet, are not affected, and attackers did not access to messages and voice calls.
The company did not disclose details of the security breach.
“Optus has also notified key financial institutions about this matter. While we are not aware of customers having suffered any harm, we encourage customers to have heightened awareness across their accounts, including looking out for unusual or fraudulent activity and any notifications which seem odd or suspicious.” concludes the notification.
The experts warn current and former customers to be vigilant and monitor any suspicious activity.
(SecurityAffairs – hacking, security breach)