Optus data breach

‘We’re deeply sorry’: Optus suffers massive data breach

Today, this article from The Australian screamed,

Australia’s second largest telco Optus has suffered one of the most significant data breaches in Australian history, with the personal details of millions of customers stolen by hackers in a successful cyber attack.

About 2.8 million customers have had their personal details including drivers licence numbers, home addresses and dates of birth taken, while about 7 million have had their email addresses and phone numbers stolen.

The personal details that were stolen can be used for identity theft. In Australia, businesses use Document Verification Service (DVS) to verify your identity when you sign up for an account. If a hacker already knows the details of your driver’s license, they can fool the DVS into thinking he is you.

There is another disturbing detail in the article:

The breach affects both current and former Optus customers.

You may still be affected if you were once an Optus customer and had submitted your identity documents to them.

There is a little bit of good news though,

… while personal information was exposed, payment detail and account passwords have not been compromised.

Assuming that this information is correct, you will be safe from credential stuffing attacks if you have re-used your Optus account password elsewhere. But this should not be an excuse to reuse your passwords.

Those who have their personal details stolen can expect calls from scammers who know a lot about them.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from iSecurityGuru

Subscribe now to keep reading and get access to the full archive.

Continue reading