Millions of customers suffer a data leak
Optus, an Australian telecom giant earlier this week confirmed that around 2.1 million of its present and past customers suffered data leaks that included their personal details, at least one type of identification number, as a consequence of a data breach that happened late in September.
Others believe that the Optus data breach incident has exposed the personal information of around 10 million people. Cybercrime in Australia has always been a pressing issue, it costs the country a minimum of $10 Million per year, and the figures can only go up.
Due to exposing to hyper-personal information like DoB, driving license, passport, residential address, etc. Threat actors will misuse your information for applying for credit on your behalf without you knowing about it.
What do criminals do with stolen data?
If cybercriminals find some agency willing to give credit, they'll immediately spend it, resulting in load default, it will put a black mark against your name, and you won't even know about it until you need the credit for yourself the next time.
Optus said that it has contacted Deloitte for assistance, and will do an external forensic inquiry of the breach to know how the incident happened and how Optus can take preventive measures to stop it from happening again.
Singtel, a telecommunication conglomerate in Singapore is the parent company of Optus, it also shares a few stakes in Bharti Airtel, the second largest telecommunication carrier in India. Singtel on its website said:
"Approximately 1.2 million customers have had at least one number from a current and valid form of identification, and personal information, compromised."
What kind of information was leaked?
Singtel also said that the leak has impacted expired IDs and personal info of around 900,000 additional customers, stressing that leaked data doesn't include valid or current document ID numbers for around 7.7 million customers. Customers are advised to stay vigilant about possible smishing and phishing attacks.
In the Optus incident involving the customers that are most affected, state law enforcement agencies and Australian police are working together on "Operation Guardian" to help with securing the identity of the impacted customers.
The next step for Optus
Optus has informed the affected customers that their personal information has been compromised in the breach, also including Medicare IDs. Optus on 28 September disclosed- out of 9.8 million customer records leaked, the leak involved around 14,900 working Medicare IDs and 22,000 expired Medicare card numbers.
The data leak incident surfaced on September 22, involving a threat actor getting unauthorized access to customer details. The criminals used the alias "optusdata," and they leaked a small sample of the stolen data of 10,200 users, demanding Optus to pay a ransom of $1 million to stop more leaks.
It raises a question for you: why can't I control my own identity? The answer, is you can, by limiting how and where you share your information.
However, the Optus data leak has made us all doubt if we can trust any organization?