NSW-headquartered telecommunications company Optus has suffered a massive cyber breach, compromising its nine million customers' information.
In an ABC report, Optus warned its current and former customers that their names, dates of birth, phone numbers, and email addresses might have been exposed. ID document numbers such as driver's licenses or passport numbers might have also been exposed.
“We are devastated to discover that we have been subject to a cyberattack that has resulted in the disclosure of our customers' personal information to someone who shouldn't see it,” Optus CEO Kelly Bayer told ABC.
Optus has offered assurances that payment details and account passwords have not been compromised. Additionally, it has already shut down the attack and notified the Australian Federal Police and is now working with the Australian Cyber Security Centre (ACSC) on the issue.
However, as the company remains unaware of the number of affected customers, it urged all customers to have “heightened awareness,” including looking out for unusual or fraudulent activity and any notifications that seem odd or suspicious.
“It's just too early for us to give specific numbers [of affected customers]. It is a significant number, and we want to be absolutely sure when we come out and say how many [customers have been affected],” Bayer said.
A cyber report released this year revealed that four in 10 Australian businesses experienced a successful cyber breach in 2021, while another found that global organisations expect to face successful cyberattacks this year. In a recent report, S&P Global Ratings (S&P) predicted that the cyber insurance market might continue to face a “rocky road” as more (re)insurers hesitate to underwrite larger risks.