Bollywood-style Optus-hackers demand $1.5 million ransom, makes 10,000 records public

The personal details of 10,000 Optus customers have been released following a massive cyber attack.

Optus has earlier admitted that almost 10 million current and former customers’ data had been accessed in a cyberattack.

According to the statement, upon discovering the cyberattack, Optus immediately shut down the attack and is working with the Australian Cyber Security Centre to mitigate any risks to customers. 

The statement added:

“We are working closely with the Australian Cyber Security Centre, key regulators and authorities to mitigate any risks to customers. We also notified the Australian Federal Police and financial institutions.”

The information includes dates of birth, passport and driver licence numbers, and also personal addresses.

Australia’s Cybersecurity Minister Clare O’Neill told the media that Optus needs to do more to better its security.

Today I gave an update on the Optus security breach.

Responsibility for this security breach rests with Optus. This is a breach we shouldn't expect to see in a large telecommunications provider.

In the coming days, I'll have more to say on what steps need to be taken.#QT pic.twitter.com/hpoMtx4iSl

— Clare O'Neil MP (@ClareONeilMP) September 26, 2022

It is now reported that the hackers have released 10,000 private records and warned that they would continue to do so each day until an amount of $1.5 million is paid.

After the cyber attack, “optusdata” in an online noticeboard issued an ultimatum that personal information was held to ransom by the supposed hackers.

7News reports that the user added that the hackers would sell the data on the dark web unless Optus paid AUD1.53million in cryptocurrency. to verify, the user also attached the details of 200 customers.

A spokesperson for the Australian Federal Police (AFP) told 7News:

“It is an offence to buy stolen credentials. Those who do face a penalty of up to 10 years’ imprisonment.”

Optus has apologised and contacted every customer who had been impacted by the breach.

“We understand and apologise for the concern that this has caused for our customers. Payment detail and account passwords have not been compromised as a result of this attack.”

Optus breach is staring the Australian federal government directly in the eyes to take concrete actions in the area of cyber security.

Prime Minister Anthony Albanese told Brisbane radio 4BC.

“This is a huge wake-up call for the corporate sector in terms of protecting the data. We know that in today’s world there are actors – some state actors but also some criminal organisations – who want to get access to people’s data.”