Telecom said it was investigating the possibility of unauthorized access to information including names, addresses and passport numbers.
Optus, Australia’s second-largest telecom, has revealed that its customers’ personal data may have been compromised in a cyberattack against the company.
Optus said Thursday that it is investigating possible unauthorized access to customer information, including names, addresses, dates of birth, phone numbers, email addresses, driver’s licenses and passport numbers.
The Sydney-based telecommunications company said it “shut down” the attack shortly after its discovery and that no customers were harmed, but advised customers to “raise awareness” of the activity. routine or fraudulent activity on their account.
The company said it was working with Australia’s cybersecurity center to address any risks to customers and had notified the country’s police and information commissioner of the attack. It did not specify when the attack occurred or how many customers might be affected.
The company said Optus services, voicemail and text messages, payment details and account passwords were not compromised in the attack.
Optus CEO Kelly Bayer Rosmarin said in a statement: “We were disappointed to discover that we were subjected to a cyberattack that resulted in the disclosure of customers’ personal information to those who should not. see it.
“As soon as we became aware, we took action to stop the attack and started an investigation immediately. While not everyone may be affected and our investigation is not yet complete, we want all of our customers to be aware of what happened as soon as possible so they can raise their concerns. high vigilance”.
Bayer Rosmarin added that the company “deeply regrets” the incident and “works with all relevant agencies and organizations, to help protect our customers as much as possible.”
The cyberattack is the latest in a string of recent data breaches and cyberattacks involving leading companies, which September alone saw related announcements by Samsung, North Face , American Airlines, Uber and Rockstar.
Trevor Long, a technology industry analyst based in Sydney, Australia, speculated the incident could be the largest personal data breach involving an Australian company.
“It is reprehensible that Optus did not notify the customer and did not make the announcement as a media warning and instead just posted it on their media website,” Long told Al Jazeera.
“We are always at risk, and this will happen again and again – sadly. The best we can do is change our passwords regularly, make sure we have two-factor authentication everywhere, and regularly check our financial accounts and credit reports for any unauthorized activity”.