• We did not send an email asking for donations - please read this post.

Optus (Australia) says it has been hit by a cyber attack that has compromised customer information

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
5,121
Reaction score
4,305
Credits
30,146

Information that may have been exposed includes customers' names, dates of birth, phone numbers and email addresses, Optus says.

For some customers, addresses and ID document numbers such as driver's licence or passport numbers have been exposed.

The breach involves both current and former customers,

more... https://www.abc.net.au/news/2022-09-22/optus-hit-with-cyber-attack-impacting-customers-/101466036
 


KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
7,372
Reaction score
6,354
Credits
59,773
I would like to point out that I have never lost a customer's (or website visitor's) personal data.

If I did leak that data, it'd be REALLY minimal. I collect as little data as possible, 'cause I can't lose what I don't have. You're welcome, world.
 

bob466

Well-Known Member
Joined
Oct 22, 2020
Messages
644
Reaction score
453
Credits
4,724
Not good ...that's for sure.
scared0011.gif
 
OP
Condobloke

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
5,121
Reaction score
4,305
Credits
30,146
OP
Condobloke

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
5,121
Reaction score
4,305
Credits
30,146

How can I strengthen my cyber security?​

While Optus says they're "not aware of customers having suffered any harm," the company is encouraging people to have "heightened awareness across their accounts, including looking out for unusual or fraudulent activity and any notifications which seem odd or suspicious."

Optus have recommended looking to reputable sources, such as the government's Money Smart platform and the Identity Fraud page on the Office of Australian Information Commissioner website.

For customers believed to have heightened risk, Optus says it will undertake "proactive personal notifications" and offer "expert third-party monitoring services."

Cyber Security Minister Clare O'Neil says all Australians need to strengthen their cyber defences to help protect themselves.

The Australian Cyber Security Centre (ACSC) recommends:

  • Updating your devices to protect important information
  • Protecting your accounts with multi-factor authentication
  • Backing up data regularly to the cloud or an external hard drive
The ACSC website has step-by-step guides on how to apply these tips on Apple, Android and Windows devices.
 
OP
Condobloke

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
5,121
Reaction score
4,305
Credits
30,146

osprey

Active Member
Joined
Apr 15, 2022
Messages
249
Reaction score
148
Credits
2,286
Without knowing much about the issues, I wonder how encryption of data can be used to make it useless to cybercriminals.
 
OP
Condobloke

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
5,121
Reaction score
4,305
Credits
30,146
@osprey ...that is an interesting point.

It would be within the bounds of reason to expect that a corporation the size of Optus would be already making use of encryption?
Which then leads to the question...just how did the perpetrators of this 'thing' break such encryption?....Have they already succeeded in breaking it??
My knowledge of encryption could probably be written on my thumbnail.....but I was under the impression that encrypted data can take excessive amounts of time to unravel......in some cases years.....either that or huge computer resources....HUGE....to reduce the time taken.

Another question.....was Optus storing said data in 'raw' form ?....unencrypted...? ? ???
 

osprey

Active Member
Joined
Apr 15, 2022
Messages
249
Reaction score
148
Credits
2,286
Condobloke wrote:
Another question.....was Optus storing said data in 'raw' form ?....unencrypted...? ? ???
And were they using linux servers?
A number of banks and other very security conscious organisations do run linux servers and other unix flavours.
 

bob466

Well-Known Member
Joined
Oct 22, 2020
Messages
644
Reaction score
453
Credits
4,724
It seems Optus knew at least a day before about the attack and then have the bloody hide to advise customers on how to protect themselves against hackers...should have taken their own bloody advice.
t1949.gif


It's a bit late telling people what to do after the event...that's like closing the barn door after the horse has bolted...bunch of morons.
t2407.gif
 
OP
Condobloke

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
5,121
Reaction score
4,305
Credits
30,146
OP
Condobloke

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
5,121
Reaction score
4,305
Credits
30,146
 

wizardfromoz

Administrator
Staff member
Gold Supporter
Joined
Apr 30, 2017
Messages
7,786
Reaction score
6,611
Credits
28,653
My ISP, who also provide my mobile (cell) phone, had this to say

Hi Chris Turner,

You may have seen in the media that Optus had a data breach yesterday which saw a lot of their customer details potentially released during a malicious cyber-attack.

<name of ISP> are a wholesale customer of Optus, the mobile service we sell uses their network.

When our customers sign up to a mobile service with us, we only provide the following details to Optus: mobile number, SIM card ID, and date of birth – no other personal details are shared.

As a valued mobile customer of <ISP>, we wanted to let you know that we have received confirmation, in writing from Optus this morning, that the wholesale platform was not part of the data breach. None of your details have been compromised as part of this cyber-attack on Optus.

If you have any questions or concerns, don’t hesitate to reach out to our Support team on ...
 

bob466

Well-Known Member
Joined
Oct 22, 2020
Messages
644
Reaction score
453
Credits
4,724
I'd laugh if it wasn't so serious ... oops I did.o_O

It wasn't a joke...it's most likely the case.
happy0028.gif
Just like people who get caught drink driving...then tell other people don't drink drive.
happy0009.gif
 

bob466

Well-Known Member
Joined
Oct 22, 2020
Messages
644
Reaction score
453
Credits
4,724
What do we hear now...Optus refused to upgrade security.
t2403.gif
 
OP
Condobloke

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
5,121
Reaction score
4,305
Credits
30,146
Optus...refusing to carry out remediation work to benefit/safeguard their customers........that sounds familiar.

It appears their "attitude" has not changed from years ago when I was unfortunate enough to have them as my ISP.

Never again.
 
OP
Condobloke

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
5,121
Reaction score
4,305
Credits
30,146
Is that a scenario similar to hanging the keys to a secure door on the door itself?......maybe a note left for the burglars....here's the key, help yourself?
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Linux.org Hosting Donations
Consider making a donation

Members online

No members online now.

Top