Australia’s second-largest telecom company reports major data breach in cyberattack

Australian telecom giant Optus has said that a cyberattack on it systems exposed current and former customer data. In a press release, the company said that an unspecified number of customer names, dates of birth, phone numbers, email addresses, addresses and identity document numbers, such as driver’s licence or passport numbers, were taken in the breach.

However, there was no mention of when did the breach happen. Optus is the country’s second-largest provider and a subsidiary of Singapore-owned Singtel, with about 10 million customers.

Optus chief executive Kelly Bayer Rosmarin said a “sophisticated” actor was behind a cyberattack, which gained access to information about up to 9.8 million users. However, the firm said no passwords or bank details were taken.

The Australian Signals Directorate was notified about the incident. The Australian Competition and Consumer Commission warned Australians who were potentially impacted, that they could be at risk of identity theft.

Rosmarin said no ransom demand had been made.

“It’s too early to rule out any possibility,” she said, adding that police and the Australian government were investigating.

Optus is the latest major telco hit by hackers in recent years. In 2015, Australian telco Telstra said its undersea cable company Pacnet’s internal network had been compromised, with hackers accessing its email and other internal business systems, TechCrunch reported.

(With inputs from agencies)