Optus customers affected by data breach don’t need new passports, chief says
Telecom provider Optus says customers affected by a data breach at its telecom company do not need to apply for new passports.
Key Point:
- Optus CEO Kelly Bayer Rosmarin defends the company’s response to a data breach in the latest update.
- She also says an external independent review has been commissioned
- Teenager arrested on suspicion of using stolen data, not original hack
Passports, driver licenses, and Medicare card details were exposed when hackers claimed to have accessed the data of 9.8 million current and former customers.
Customers who needed to change both their license and Medicare details were contacted in early October.
Optus chief executive Kelly Bayer Rosmarin told ABC on Friday that it was thanks to many government agencies that people were able to “continue to plan their trips and feel safe and secure.” Told.
“Thanks to the excellent work of three different government departments who have worked closely together over the last few weeks, we have been able to put the appropriate protections in place for our customers.
“This means that customers whose passport numbers have been published do not have to track their passports.”
Rosmarin also defended the telecom company’s response to the data breach, refuting claims that the company charged customers who were leaving the company.
“I don’t know where these stories come from. Most of our customers aren’t even under contract anymore,” she said.
“We want our customers to choose to stay with Optus and stay with Optus.”
Agencies are joining forces in one of the biggest data breaches in Australian history.
The Australian Information Commissioner’s (OAIC) office has launched an investigation into the company’s handling of customer data.
The OAIC also works with the Australian Communications and Media Authority (ACMA), along with the Australian Cyber Security Centre.
Rosmarin confirmed that the company’s own investigation is also underway.
“We spend millions of dollars and employ a team of people whose day-to-day job is to prevent attacks like this from entering.
“We are very disappointed that one was so successful that we have asked for an outside, independent review to find out how that could have happened.
“So we can learn from it and do better in the future.”
The Home Office has also set up the Commonwealth Credential Protection Register to prevent unauthorized use of personal information.
“This register will prevent compromised identities from being verified through document verification services,” the ministry said on its website.
“The Document Verification Service is used by government agencies, banks and other businesses to verify the identity of individuals online.
“However, this means that their rightful owners cannot use them online. New credentials issued after a data breach will work as normal.”
The identity of the hacker remains unknown, even after 10,000 customer details were exposed and subsequently removed from the dark web.
a teenager from rockdale Arrested in early October in southern Sydney.
His arrest was the first to be linked to a cyberattack, but it was related to using illegally obtained data to blackmail residents. not hacking.
Police have accused the teen of texting 93 people on an early public list and threatening to use their personal information for financial crimes unless a $2,000 ransom was paid. doing.
He has been charged with using telecommunications networks and dealing with identity information for the purpose of extortion.
Violations carry a maximum penalty of 10 years in prison. He is scheduled to appear in Sydney Central Court at a later date.
Optus says it continues to work with Australian Federal Police to track down those responsible for the attack.
https://www.abc.net.au/news/2022-10-14/optus-says-customers-do-not-need-new-passports-after-data-breach/101538178 Optus customers affected by data breach don’t need new passports, chief says