Australian Telecom Optus Exposes
Data Of 2.1 Million Customers

Contents

Summary Of The Attack

  • On October 3, 2022, Australian mobile company Optus confirmed that a cyberattack last month had exposed the government identification numbers of 2.1 million of its customers.
  • The Disclosure came following the leak of 10,000 Optus customer records, which included user information such as names, birthdates, home, and email addresses, phone numbers, and personal identification numbers.
  • The threat actor had first tried to blackmail Optus by demanding a $1 million ransom in exchange for them not disclosing or selling the stolen data.
  • The actual data breach appears to have been caused due to improperly configured security protections on an API endpoint, but still, there is no proper understanding in Optus of how the incident occurred.
.