Skip to Content

T-Mobile hacker sentenced

Updated on 2022-12-22: T-Mobile hacker sentenced

Argishti Khudaverdyan, the owner of a T-Mobile retail who hacked into T-Mobile’s main network as part of a larger phone-unlocking scheme, was sentenced last week to 10 years in prison. Read more: Former Mobile Phone Store Owner Sentenced to 10 Years in Federal Prison for Multimillion-Dollar Scheme to Illegally Unlock Cellphones

Updated on 2022-12-07: Dutch SIM swapper gets four years

A 20-year-old from the Dutch town of Eelderwolde was sentenced to four years in prison for breaking into the IT systems of Dutch mobile operator T-Mobile. Officials said the man worked with a 17-year-old and executed spear-phishing and SIM-swapping attacks to break into bank accounts and steal more than €100,000 from dozens of victims. Read more: Vier jaar cel voor jonge cybercrimineel uit Eelderwolde

Updated on 2022-12-01

A new bill approved by the Australian parliament will now charge AUD50 million ($34 million) for companies suffering from large-scale data breaches. Read more: Australia will now fine firms up to AU$50 million for data breaches

Updated on 2022-11-09: Sydney teen pleads guilty to extorting Optus customers

Dennis Su, 19, from Sydney, pleaded guilty this week to extorting Australians who had their data leaked in the Optus breach. Su—who was not involved in the breach itself—admitted to taking some of the leaked Optus data, contacting some users via SMS, and demanding an AUS$2,000 payment or he’d use their personal details to commit “financial crimes.” Su was detained in early October, a week after sending out the SMS messages. Read more: Sydney teenager Dennis Su pleads guilty to using Optus data breach information to blackmail customers

Updated on 2022-10-27: Australian government gets serious about privacy fines

This week’s Federal budget contains AUD$5.5m for the Office of the Australian Information Commissioner to investigate the recent Optus breach. And the government also introduced legislation that will vastly increase the financial penalties for serious data breaches. Maximum fines will increase from AUD$2.2m to the greater of AUD$50m or 30% of company turnover. We are not a fan of indiscriminate fines, but the proposed penalties will definitely focus attention on cyber security issues. The legislation also gives government bodies greater enforcement and information sharing powers. Read more:

Updated on 2022-10-09: Optus confirms at least 2.1M ID numbers exposed in breach

Australian telco giant Optus said this week that at least 2.1 million ID numbers were stolen in its massive breach, first reported a few weeks ago. That includes 150,000 passport numbers and 50,000 Medicare numbers (remember, this is Australia). Optus already said it would cover the costs of passport replacements, per the government’s request, though many of the documents were already expired, according to Optus. Read more: Optus reveals at least 2.1 million ID numbers exposed in massive data breach

Updated on 2022-10-06: Australian Police Arrest Individual for Allegedly Exploiting Optus Breach for Financial Gain

Police in Australia have arrested a person who allegedly attempted to extort funds from victims of the Optus data breach. It appears that this individual was not behind the attack, but used some of the leaked data to send threatening messages to victims.


  • Reporting fraud attempts to the proper authorities can make a difference. Use this as an example to support your reporting requirements. Both externally and internally. Determine the ability to take such a report, as well as how, prior to an incident.


Updated on 2022-10-06: Australia Proposes Temporary Changes to Data Privacy Rules in Response to Optus Breach

In the wake of the Optus breach, Australia’s government has proposed changes to the country’s Telecommunications Regulations 2021. “The amendments will enable telecommunications companies to temporarily share approved government identifier information (such as drivers licence, Medicare and passport numbers of affected customers) with regulated financial services entities to allow them to implement enhanced monitoring and safeguards for customers affected by the data breach.”


  • Data sharing agreements are critical on many levels. Prefer to do this on a case by case basis but sometimes this is hindered by local regulations. Australia is stepping in to remove the regulatory restrictions- even so all parties must use due diligence to ensure the data is properly protected and disposed of properly, both in alignment with the agreement and regulatory requirements. When in doubt seek expert guidance.


Updated on 2022-10-05

Optus confirmed that the cyberattack last month affected 2.1 million customers who had their government identification numbers—both valid and expired—compromised. Read more: Optus confirms 2.1 million ID numbers exposed in data breach

Updated on 2022-10-05: Australia minister slaps Optus ‘sophisticated’ hack: “It wasn’t”

Australia’s cyber security minister Clare O’Neill finally said what everyone’s been thinking — by calling BS on Optus, which claimed a “sophisticated” cyberattack exposed millions of Australians’ personal information. When asked on breakfast telly if O’Neill believes Optus’ claim that it was sophisticated, her response was: “Well, it wasn’t. So no.” O’Neill isn’t wrong — it looks like an unauthenticated internet-facing API was to blame, no login needed — the cyber equivalent of having unrestricted guest access to Fort Knox’s gold vault.

Australia minister slaps Optus 'sophisticated' hack: "It wasn't"

The Australian government pushed Optus to pay for replacing affected citizens’ passports (since identity documents were caught up in the breach).

Optus was also criticized for its handling of breach notifications, and is now prominently displaying its breach on ad displays in malls across the country.

Australia has some data protection laws, whereas stateside T-Mobile had its seventh security breach this year and America barely flinched…

Read more:

Updated on 2022-10-03: Optus Data Breach Compromised at Least 2.1 Million Valid Identification Numbers

Australian telecommunications company Optus says that a recent breach of its network compromised accounts belonging to 9.8 million customers. Of those, at least 1.2 million records contain at least one valid identification number. Optus has engaged Deloitte to investigate the breach and to determine what could have been done to prevent the incident. Optus has not yet revealed how the attackers infiltrated the network, nor have they provided details about which systems were affected.


  • While Optus has not publicly stated the vulnerability, the articles say local reports point to “did not require authentication or authorisation for customer data to be accessed.” “Broken Access Controls” is the number 1 vulnerability on the OWASP Top 10 and “Insecure Design” is number 4 – any thorough software review of internal code or use of a modern software test tool on any open source code should have detected this long ago.
  • In addition to the 1.2 million current customer records exposed, another 900,000 expired documents were exposed – which means attackers have customers’ old data that could be leveraged to obtain the current information. While the company says they are taking steps to prevent recurrence and affected users have been notified, it’s still not a bad idea to make sure you’ve got credit/ID monitoring now rather than waiting for this to all shake out.


Updated on 2022-09-30: More News About Optus Breach

Australian authorities have asked the US Federal Bureau of Investigation (FBI) for help identifying the culprits responsible for the Optus breach. The incident has reportedly compromised driver’s license information, passport numbers, and email addresses of more than 10 million customers. Optus has taken a hit to its credibility after it became apparent that Medicare information was compromised as well, although Optus had not disclosed that. Initially, the attackers had demanded AU$1.5 million in ransom. Now the apparent culprits have apologized for the attack and have withdrawn the monetary demand as well as threats to post stolen data. However, more than 10,000 customer records had already been released.


  • Kudos to Optus for calling in additional support to work the breach. It’s not a bad idea to have an escalation plan in your hip pocket. At this point, if you’re using Optus, assume your data is compromised. Take active steps to monitor your identity, don’t wait for the investigation to complete.


Updated on 2022-09-30: Australia is set to overhaul its privacy laws after a major data breach at the country’s second-largest telco.

Optus was hacked and is said to have leaked personal information including names, dates of birth, addresses, contact details, and even passport numbers affecting 40% of the Australian population. New laws will require any company suffering a data breach to inform related banks to reduce potential fraud. Read more: Australia flags privacy overhaul after huge cyber attack on Optus

Updated on 2022-09-29

Optus informed former Virgin Mobile and Gomo customers that the recent data breach also impacted their personal information. Read more: Optus tells former Virgin Mobile and Gomo customers they could also be part of data breach

Updated on 2022-09-28: Optus hacker backtracks

The hacker who breached, stole, and tried to sell data from Australian telco Optus has changed their mind, removed a forum entry advertising the company’s data, and posted a new entry apologizing to Optus for the intrusion. It is unclear what caused this sudden change of heart, but infosec reporter Jeremy Kirk says that Optus has not paid a ransom to the attacker, so this looks like a decision taken on the hacker’s side.

In the meantime, the Australian government said that since driver’s license numbers were stolen in the breach, anyone whose data was leaked in the Optus incident can apply for a free replacement. Read more: Optus data breach: What to do about replacing your driver’s licence and passport

Updated on 2022-09-27

The hacker behind the Optus breach released a sample of 10,200 stolen records and asked for $1 million as part of its extortion efforts. The dataset has, however, been taken down. Read more: Hacker Behind Optus Breach Releases 10,200 Customer Records in Extortion Scheme

Updated on 2022-09-26: Optus data up for sale

After Australian telco Optus disclosed a security breach last week, the company’s data has now popped up for sale on Breached, a famous cybercrime forum. According to the seller, the data contains data on 11.2 million Optus users.

The person claiming to have hacked Optus published data samples as well as an extortion demand against the company on a data breach forum early Saturday.

Updated on 2022-09-25: Australia’s second-largest telco Optus was hacked

Aussie telco giant Optus was recently hacked (date unknown but discovered September 14) with an attacker claiming to have stolen 11.2 million sensitive customer records. The hack is messy, not least thanks to Optus’ crappy communications. But a dump of sample data posted online looks legit, according to @jeremy_kirk, who’s covered this story from the very beginning.

According to the hacker, an unauthenticated API allowed access to the customer databases, which the hacker then took by accessing records sequentially — eventually enough to trigger alerts. Kirk validated some data, including speaking to a local resident who lives nearby. Stellar reporting here, even as the story develops. This could be one of the country’s biggest breaches to date.


Updated on 2022-09-23

Optus, the second largest telecommunications provider in Australia, said it was dealing with a cyberattack. In a message posted on its website, the company said it is still investigating the incident, but it believes that a threat actor might have viewed the personal data of its customers. Optus didn’t say how many users were impacted by this incident but said it’s already working with authorities on the case.

Information which may have been exposed includes customers’ names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver’s licence or passport numbers. Payment detail and account passwords have not been compromised.


Updated on 2022-09-21: Optus Discloses Data Breach

Australian telecommunications company Optus has acknowledged that a data breach compromised personal information of current and former customers. The affected data include dates of birth, email addresses, and passport numbers. Optus says that their “systems and services, including mobile and home internet, are not affected, and messages and voice calls have not been compromised.”


  • At this point Optus has already contacted affected users. Optus both left administrative interfaces to systems available to the Internet to facilitate remote maintenance and failed to change default passwords. Make sure that remote maintenance uses VPN or other secure access mechanism, requires MFA, and that all default passwords are changed. Never assume an adversary cannot determine the default password, no matter how tightly you feel that information is held.



Optus, Australia’s second-largest telecom carrier, underwent a data breach that potentially impacted the personal information, names, contact details, and dates of birth, of millions of customers.

    Ads Blocker Image Powered by Code Help Pro

    It looks like you are using an adblocker.

    Ads keep our content free. Please consider supporting us by allowing ads on