Authorities make first arrests connected to major Optus data breach

Oct 09, 2022
Source: Australian Federal Police/ Hightail

Following the recent large-scale data breach that left millions of Optus customers across the country at an increased risk of having their personal information stolen, Australian Federal Police (AFP) have charged a Sydney man for allegedly attempting to misuse the stolen Optus customer data in a text message blackmail scam.

Over 9 million people are thought to have been impacted by the major data breach, with information such as customers’ names, dates of birth, phone numbers, email addresses and, in some instances, address details and ID document numbers such as driver’s licence or passport numbers potentially compromised.

Optus has stressed that payment details and account passwords have not been compromised as the telco scrambles to secure the information of millions of its customers.

A search warrant was executed on Thursday, October 6, when the AFP’s Operation Guardian became aware of a number of text messages that allegedly demanded some Optus customers transfer $2000 to a bank account or private information would be exposed.

Authorities allege that the data used to identify these customers was from the 10,200 stolen records posted online after last month’s Optus breach.

Assistant Commissioner Cyber Command Justine Gough stressed that although the man was not suspected of being the individual responsible for the Optus breach, he had allegedly tried to benefit financially from the stolen data that was exposed on an online forum.

“Last week, the AFP and our state and territory partners launched Operation Guardian to protect the most vulnerable customers affected by the Optus breach and we were absolutely clear that there would be no tolerance for the criminal use of this stolen data,” Assistant Commissioner Gough said.

“I want to be very clear – and there are two messages today that I want to underscore.

“The AFP-led JPC3 has diverted significant resources to protect those customers at risk from identity fraud. We understand how worried some members of the community are, and I want to give the community reassurance that the AFP and our partners are working around the clock to help protect your personal information.

“Secondly, the warning is clear. Do not test the capability or dedication of law enforcement. The AFP, our state partners and industry are relentlessly scouring forums and other online sites for criminal activity linked to this breach. Just because there has been one arrest does not mean there won’t be more.”


The Sydney man is scheduled to appear in a Sydney court on October 27 charged with two offences that carry maximum penalties of 10 and seven years’ imprisonment.

Gough said Operation Hurricane, the AFP investigation into the alleged offender responsible for the breach, remained ongoing.

“The Hurricane investigation is a high priority for the AFP and we are aggressively pursuing all lines of enquiry to identify those behind this attack,” Gough said.

Following the breach, Optus CEO Kelly Bayer Rosmarin said “we are devastated to discover that we have been subject to a cyberattack that has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it”.

“As soon as we knew, we took action to block the attack and began an immediate investigation. While not everyone may be affected and our investigation is not yet complete, we want all of our customers to be aware of what has happened as soon as possible so that they can increase their vigilance,” Rosmarin said.

“We are very sorry and understand customers will be concerned. Please be assured that we are working hard, and engaging with all the relevant authorities and organisations, to help safeguard our customers as much as possible.

“Optus has also notified key financial institutions about this matter. While we are not aware of customers having suffered any harm, we encourage customers to have heightened awareness across their accounts, including looking out for unusual or fraudulent activity and any notifications which seem odd or suspicious.”

The AFP has urged the public to:

  • Look out for any suspicious or unexpected activity across your online accounts, including your telco, bank and utilities accounts. Make sure to report any suspicious activity in your bank account immediately to your financial institution;
  • Do not click on any links in any email or SMS claiming to be from Optus;
  • If someone calls claiming to be from Optus, the police, bank or another organisation and offers to help you with the data breach, consider hanging up and contacting the organisation on its official contact details. This can be a scammer calling using your personal information;
  • Never click on any links that look suspicious and never provide your passwords, your bank’s one time pins, or any personal or financial information;
  • If people call posing as a credible organisation and request access to your computer, always say no.