Home Sms code Optus cyberattack could involve customers dating back to 2017 | optus

Optus cyberattack could involve customers dating back to 2017 | optus


Optus customers dating as far back as 2017 could be caught up in the telecom company’s massive database hack, CEO Kelly Bayer Rosmarin has revealed.

Bayer Rosmarin told reporters Friday that the company still doesn’t know exactly how many customers had their personal information compromised in the attack, but that 9.8 million was the “worst-case scenario.”

“We have reason to believe the number is actually lower than that. But we are working to piece together exactly what the attackers received,” she said.

Personal information compromised in the attack included names, birth dates, addresses, phone numbers and, in some cases, passport or driver’s license numbers.

The intrusion is said to have taken place via the exploitation of a vulnerability in an application programming interface (API), but Bayer Rosmarin would not confirm this, saying it was “the subject of criminal proceedings” and under investigation by the Australian Federal Police and the Australian Cyber ​​Center.

Optus first became aware of the intrusion into its network on Wednesday and alerted the media less than 24 hours after shutting down unauthorized access and ensuring there were no other vulnerabilities. , said Bayer Rosmarin.

“We have worked with cyber experts from the Australian Government, privacy officers and regulators, and have proactively reached out to major financial institutions, our competitors and other businesses so that we can protect not only our own customers as much as possible, but all Australians,” she said.

Optus has relied on customer information through the media and has not yet notified individual customers directly as the company has not yet determined the number of customers affected.

Telecom companies are required by Australian law to verify the identity of their customers to prevent people from registering mobile phones or porting numbers – a growing attack method to bypass authentications two-factor that use SMS codes. The data dates back to 2017, as Optus is required to retain identity verification records for six years.

Bayer Rosmarin said once Optus determines which customers are affected, all customers, even those not directly affected, will hear from the company.

No ransom demand has been made and Optus has not yet determined whether it was a criminal or state actor attack on the company.

Bayer Rosmarin would not go into detail about how the attack happened, citing the criminal investigation.

The attacker’s IP addresses “come from various countries in Europe”, she said.

Brett Callow, Threat Analyst, posted on Twitter that the names and email addresses of 1.1 million Optus customers had been for sale online since September 17. Bayer Rosmarin could not say if this was true.

“One of the challenges when you go public with this kind of information is that there are a lot of people who can claim a lot of things. So there’s nothing validated and marketable that we know of, but the teams are looking at all the possibilities.

The CEO of the Singaporean telecommunications company said the whole country must respond to the attack together.

“We don’t yet know who these attackers are and what they want to do with this information, which is why we really need a response from the Australian team,” Bayer Rosmarin said.

She held back tears when asked what it meant that this attack happened on her watch.

“I am angry that there are people who want to do this to our customers. I’m disappointed that we couldn’t prevent it, and disappointed that it undermines all the great work we’ve done to be a pioneer in this industry.

“And I’m so sorry and sorry.”