Optus, the Australian unit of telecoms firm Singapore Telecommunications, said earlier today it was investigating unauthorized access to customer data after a cyber-attack.
The company confirmed it immediately stopped the attack, preventing customers’ payment details and account passwords from being stolen. However, Optus confirmed some home addresses, driver’s licenses and passport numbers were potentially accessed by the attacker.
“Optus is working with the Australian Cyber Security Centre to mitigate any risks to customers,” the company said in a statement on its website.
Optus, which, according to publicly available data, has 9.7 million subscribers, said it also notified key financial institutions about the attack and subsequent breach.
“While we are not aware of customers having suffered any harm, we encourage customers to have heightened awareness across their accounts, including looking out for unusual or fraudulent activity and any notifications which seem odd or suspicious,” the statement reads.
The technical details of the attack have not yet been disclosed. Still, according to Drew Perry, CEO of London-based IT consulting firm Tiberium, the breach may have been due to a vulnerability in a piece of security technology.
“Details on the incident are still emerging, but all customers of Optus, both past and present, are advised to change passwords on their accounts now and enable multi-factor authentication, if available,” Perry told Infosecurity Magazine.
“If you use the same password across multiple accounts, update them all and make use of a password manager.”
According to the executive, Optus customers will now be at a heightened risk of phishing, with their credentials potentially already being on the dark web.
“It is possible they could be used to train an [artificial intelligence] phishing bot to generate realistic synthetic media attacks. Passwords are very personal things and tell a story about the victim that can be abused for monetary gain.”
The Optus breach comes weeks after a cyber-attack that targeted InterContinental Hotels Group. The attack was then connected to a duo of allegedly Vietnamese hackers who destroyed the data after failing a ransomware attempt.