- by theguardian
- 30 Sep 2022
Optus has suffered a massive cyber-attack, with the personal information of customers stolen, including names, dates of birth, addresses, and contact details.
The telco suffered the data breach when hackers, believed to be working for a criminal or state-sponsored organisation, accessed the sensitive information by breaking through the company's firewall.
The Australian Cyber Security Centre is working with Optus to lock down its systems, secure any data against further breaches, and trace the attackers. The Australian federal police and the Office of the Australian Information Commissioner have also been notified.
Optus has 9.7 million subscribers, according to publicly available data, but the company said it was still assessing the size of the data breach.
The company confirmed information which may have been exposed included Optus customers' names, dates of birth, phone numbers, email addresses and, for a cohort of customers, physical addresses and identification document numbers such as driving licence or passport numbers.
Optus said payment details and account passwords have not been compromised, and that services, including mobile phones and home internet, were not affected.
The company insisted voice calls had not been compromised, and that Optus services remained safe to use and operate.