Australian telecommunications company Optus has notified its customers about a cyberattack in which information of its customers was compromised. As per the company website, the company ‘is investigating the possible unauthorised access of current and former customers’ information.’
The company said that it blocked the attack as soon as it was discovered. It further said that it is working with the Australian Cyber Security Centre to mitigate any risks to customers.
“We are devastated to discover that we have been subject to a cyberattack that has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it,” the CEO of the company, Kelly Bayer Rosmarin said.
“As soon as we knew, we took action to block the attack and began an immediate investigation. While not everyone maybe affected and our investigation is not yet complete, we want all of our customers to be aware of what has happened as soon as possible so that they can increase their vigilance. We are very sorry and understand customers will be concerned. Please be assured that we are working hard, and engaging with all the relevant authorities and organisations, to help safeguard our customers as much as possible.”
According to the company, information which may have been leaked includes customers’ names, dates of birth, phone numbers, email addresses, and, for some of the customers, addresses, ID document numbers such as driver’s licence or passport numbers. Payment details and account passwords have not been exposed.
Optus services such as mobile and home internet as well as messages and voice calls have not been affected and remain safe to use.
If your an Optus customers we encourage you to do the following:
- Change you passwords – Optus, bank, email and social media.
- Add two factor authentication to all your accounts – Optus, bank, email and all platforms possible.
- Consider obtaining a copy of your credit report now, and in the months ahead, to find out if anyone is using your name to apply for any form of credit
- Monitor your bank statements
If you know anyone who wants to query what data Optus ‘may’ have released (but does hold on them).
1. Login to https://www.optus.com.au/my-account-login (needs to be active account).
2. Retrieve first set of details via accessing ‘https://www.optus.com.au/mcssapi/rp-webapp-9-common/user/information then take the ‘contactID’ numeric value from this page and put it into https://www.optus.com.au/mcssapi/rp-webapp-9-common/customer-management/contact-person/<<<contactid>>>?lo=en_US&sc=SS (replace <<<contactid>>> with the number from previous step)
Additional Useful Links
Department of Transport – change your customer reference number