Australian telecommunications company Optus has suffered an apparent data breach. The breach is believed to be quite large since Optus has nearly 9.7 million customers, but the exact number of accounts that have been affected is unknown at this time. While the collective behind the attack has not been named, it is believed that incident can be attributed to a state sponsored group, according to The Guardian. Access was gained when the group breached the company’s firewall, targeting only customer information while leaving day to day services unharmed. Information that was accessed included names, dates of birth, phone numbers, email addresses, addresses, ID document numbers such as driver’s license or passport numbers. Optus has begun working with the Australian Cyber Security Centre in an effort to reduce the consequences of the breach. Key financial institutions have been notified and Optus plans to alert customers who are at “heightened risk.”
Analyst Notes
It is important for customers of Optus to remain vigilant. Although there have been no reports of customer information being used for nefarious purposes, fraudulent activity can easily be perpetrated while utilizing the stolen information. Optus itself can take steps moving forward to better secure their firewalls. Some of those steps recommended to all organizations include:
• Constantly audit activity
• Buy new firewall hardware as necessary
• Limit VPN access
• Consistently apply updates
• Secure user and guest access
• Have a configuration change plan in place
https://www.theguardian.com/business/2022/sep/22/customers-personal-data-stolen-as-optus-suffers-massive-cyber-attack?&web_view=true
