Skip to Content

Optus data breach

Updated on 2022-09-30: More News About Optus Breach

Australian authorities have asked the US Federal Bureau of Investigation (FBI) for help identifying the culprits responsible for the Optus breach. The incident has reportedly compromised driver’s license information, passport numbers, and email addresses of more than 10 million customers. Optus has taken a hit to its credibility after it became apparent that Medicare information was compromised as well, although Optus had not disclosed that. Initially, the attackers had demanded AU$1.5 million in ransom. Now the apparent culprits have apologized for the attack and have withdrawn the monetary demand as well as threats to post stolen data. However, more than 10,000 customer records had already been released.


  • Kudos to Optus for calling in additional support to work the breach. It’s not a bad idea to have an escalation plan in your hip pocket. At this point, if you’re using Optus, assume your data is compromised. Take active steps to monitor your identity, don’t wait for the investigation to complete.


Updated on 2022-09-30: Australia is set to overhaul its privacy laws after a major data breach at the country’s second-largest telco.

Optus was hacked and is said to have leaked personal information including names, dates of birth, addresses, contact details, and even passport numbers affecting 40% of the Australian population. New laws will require any company suffering a data breach to inform related banks to reduce potential fraud. Read more: Australia flags privacy overhaul after huge cyber attack on Optus

Updated on 2022-09-29

Optus informed former Virgin Mobile and Gomo customers that the recent data breach also impacted their personal information. Read more: Optus tells former Virgin Mobile and Gomo customers they could also be part of data breach

Updated on 2022-09-28: Optus hacker backtracks

The hacker who breached, stole, and tried to sell data from Australian telco Optus has changed their mind, removed a forum entry advertising the company’s data, and posted a new entry apologizing to Optus for the intrusion. It is unclear what caused this sudden change of heart, but infosec reporter Jeremy Kirk says that Optus has not paid a ransom to the attacker, so this looks like a decision taken on the hacker’s side.

In the meantime, the Australian government said that since driver’s license numbers were stolen in the breach, anyone whose data was leaked in the Optus incident can apply for a free replacement. Read more: Optus data breach: What to do about replacing your driver’s licence and passport

Updated on 2022-09-27

The hacker behind the Optus breach released a sample of 10,200 stolen records and asked for $1 million as part of its extortion efforts. The dataset has, however, been taken down. Read more: Hacker Behind Optus Breach Releases 10,200 Customer Records in Extortion Scheme

Updated on 2022-09-26: Optus data up for sale

After Australian telco Optus disclosed a security breach last week, the company’s data has now popped up for sale on Breached, a famous cybercrime forum. According to the seller, the data contains data on 11.2 million Optus users.

The person claiming to have hacked Optus published data samples as well as an extortion demand against the company on a data breach forum early Saturday.

Updated on 2022-09-25: Australia’s second-largest telco Optus was hacked

Aussie telco giant Optus was recently hacked (date unknown but discovered September 14) with an attacker claiming to have stolen 11.2 million sensitive customer records. The hack is messy, not least thanks to Optus’ crappy communications. But a dump of sample data posted online looks legit, according to @jeremy_kirk, who’s covered this story from the very beginning.

According to the hacker, an unauthenticated API allowed access to the customer databases, which the hacker then took by accessing records sequentially — eventually enough to trigger alerts. Kirk validated some data, including speaking to a local resident who lives nearby. Stellar reporting here, even as the story develops. This could be one of the country’s biggest breaches to date.


Updated on 2022-09-23

Optus, the second largest telecommunications provider in Australia, said it was dealing with a cyberattack. In a message posted on its website, the company said it is still investigating the incident, but it believes that a threat actor might have viewed the personal data of its customers. Optus didn’t say how many users were impacted by this incident but said it’s already working with authorities on the case.

Information which may have been exposed includes customers’ names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver’s licence or passport numbers. Payment detail and account passwords have not been compromised.


Updated on 2022-09-21: Optus Discloses Data Breach

Australian telecommunications company Optus has acknowledged that a data breach compromised personal information of current and former customers. The affected data include dates of birth, email addresses, and passport numbers. Optus says that their “systems and services, including mobile and home internet, are not affected, and messages and voice calls have not been compromised.”


  • At this point Optus has already contacted affected users. Optus both left administrative interfaces to systems available to the Internet to facilitate remote maintenance and failed to change default passwords. Make sure that remote maintenance uses VPN or other secure access mechanism, requires MFA, and that all default passwords are changed. Never assume an adversary cannot determine the default password, no matter how tightly you feel that information is held.



Optus, Australia’s second-largest telecom carrier, underwent a data breach that potentially impacted the personal information, names, contact details, and dates of birth, of millions of customers.

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.