Optus under scrutiny for cyber breach as hackers claim data deleted

Australian telecoms firm Optus has reportedly drawn further government criticism on Tuesday for a major cyber breach, as a suspected hacker's anonymous online profile claimed to be erasing stolen data and retracting with a sum of $1 million ransom money.

The second largest mobile operator in the nation, Optus, which is owned by Singtel, disclosed last week that one of Australia's largest data breaches had exposed information of up to 10 million users, comprising driver's license numbers, home addresses, and passport numbers.

Security professionals suspect that the ‘optusdata’ account, which was available in an online forum, belongs to the hackers. The account had threatened to reveal 10,000 Optus subscribers' data each day unless they received $1 million in cryptocurrency.

However, the account users stated on Tuesday that they had wiped the data because there were too many eyes and that they were dropping their demand for the ransom and apologized for having previously revealed the personal information of 10,200 Australians.

When asked whether they thought the owners of optusdata accounts were responsible for the breach, Optus along with the Australian Federal Police, who have been collaborating with the Federal Bureau of Investigation and other overseas law enforcement agencies to investigate the matter, declined to comment.

The Australian federal government holds Optus responsible for the security breach, and the firm has been warned of a restructuring of privacy laws and increased penalties and has been blamed for leaving the window open for malicious hackers to steal data.

About the government's health insurance program, Minister for Cyber Security Clare O'Neil stated that she was extremely worried about claims that personal data from the Optus security breach, particularly Medicare cards, are now being given away for free and for ransom.

Meanwhile, Kelly Bayer Rosmarin, CEO of Optus, stated that the incident had caused a lot of misunderstanding and that the business takes data privacy seriously. She added that most of their customers don’t hold Optus responsible for the breach and that they had not deliberately allowed it to happen.

Source credit: https://www.straitstimes.com/business/companies-markets/singtels-optus-says-ransom-demand-probed-after-massive-data-hack