Australia’s second largest mobile operator suffers major cyberattack
- The personal data of up to 10 million people has been compromised by a cyberattack against Optus, Australia’s second largest wireless network operator. The major breach effectively puts all Optus mobile customers at risk.
- The company said it discovered the breach on Wednesday and acted quickly to contain the damage, but not before customers’ names, birth dates, phone numbers, email addresses, IDs and passport numbers have been compromised.
- Optus’ services were not affected and Australian authorities are participating in an ongoing criminal investigation into the attack, the company said.
Overview of the dive:
Critical infrastructure systems, including telecommunications networks, are frequently plagued by cyber threats, as evidenced by a recent spate of attacks.
The Los Angeles school district earlier this month was hit by a potentially disastrous ransomware attackwhose implications are still to play. T-Mobile continues to deal with the consequences of a 2021 cyberattack that exposed the personal data of at least 76 million people.
The Agency for Cybersecurity and Infrastructure Security has placed particular emphasis on critical infrastructure and is making progress in the development of cyber incident reporting warrants as part of this effort.
Optus said he was convinced the attack was carried out by a sophisticated threat actor, but a senior executive told the Australian Broadcasting Corporation initial results from an internal investigation indicate that human error is to blame.
System integrations required to meet two-factor authentication regulations exposed Optus’ customer database through APIs, and these efforts unintentionally exposed data on a testnet compromised by the threat actor, the source told the ABC.
Optus said it was starting to notify customers who might be affected by the attack, but says no financial information or passwords were compromised.
CEO Kelly Bayer Rosmarin, in a TV show interview with Sky News Australia, said the company is careful not to release too much information publicly. “We don’t want to create the possibility of phishing incidents or bad actors in front of what we do,” she said.
Customers are warned not to click on suspicious links in emails or text messages.
Bayer Rosmarin declined repeated requests to confirm whether customers’ personal data was encrypted and said the ongoing investigation prevented the company from sharing further details.
“We have strong cybersecurity controls in place. We thwart thousands of attacks every year, every day, and we are devastated that this could happen,” she said. “It’s a good warning to all organizations that even if you have strong cyber capabilities, dedicated focus and investment in it, there are sophisticated players out there.”
Optus has yet to publicly name the cybercriminals behind the attack, and Bayer Rosmarin said it was too early to rule out any scenarios for how the attack happened.