Alleged Optus hacker apologises for data breach and drops ransom threat

Online account claims it published records of 10,000 customers and threatened to release more before change of heart

An alleged attacker who was seeking a ransom payment from Optus in exchange for millions of customer records published 10,000 records online on Tuesday before retracting the threat and deleting all demands.

On Monday night the alleged attacker uploaded a text file of 10,000 records to a data breach website and promised to leak 10,000 more records each day for the next four days unless Optus paid $1m in cryptocurrency.

The text leak contained names, dates of birth, email addresses, driver’s licence numbers, passport numbers, Medicare numbers, phone numbers and address information. It also included more than a dozen state and federal government email addresses, including four from the defence department and one from the Department of Prime Minister and Cabinet.

But by late Tuesday morning, the alleged attacker had apparently had a change of heart, deleting their posts and claiming they had also deleted the only copy of the Optus data.

“Too many eyes. We will not sale [sic] data to anyone. We can’t if we even want to: personally deleted data from drive (Only copy),” they said in a new post.

“Sorry too [sic] 10,200 Australian whos [sic] data was leaked.

“Australia will see no gain in fraud, this can be monitored. Maybe for 10,200 Australian but rest of population no. Very sorry to you.”

The alleged attacker apologised to Optus and said they would have reported the exploit if Optus had made it possible to report. Optus said no ransom has been paid.

This sudden about-face will not bring relief to Optus customers stressed about being caught up in the breach.

Optus is still claiming the breach occurred due to a “sophisticated attack”, while the federal government maintains that it was due to an error by the company that had left the data accessible online.

It is unclear if the alleged attacker obtained the customer data – and whether they were the only party to do so.

The attorney general, Mark Dreyfus, confirmed on Tuesday that the Federal Bureau of Investigation in the US was assisting the Australian federal police’s operation to discover who might have accessed the data, and who was attempting to sell it.

There are suggestions scammers are already trying to capitalise on the breach by targeting Optus customers.

The Commonwealth Bank of Australia (CBA) said on Tuesday it had blocked an account referenced in an SMS message designed to extort $2,000 from victims of the Optus data breach.

In the SMS, victims were told that if they did not pay the money “your information will be sold and used for fraudulent activities within 2 days”.

A CBA spokesperson said the bank was “aware of an SMS seeking to solicit funds and referencing a CBA bank account following the Optus data breach, and we have identified and blocked this account”.

The block means that money can’t be transferred into or out of the account. It is understood that no money was transferred into the account between the SMS being sent and CBA blocking it.

“We continue to work closely with the Australian Federal Police and other investigative, government and regulatory authorities to limit the impact of any fraud and scams resulting from the events over the past few days,” the CBA spokesperson said.

Details of the SMS message were first reported on Twitter by a Nine Entertainment reporter on Tuesday morning.

CBA also said it was also offering customers a free service called SavvyShield that makes it easier for people who think their identity has been compromised to block inquiries about their credit history and stop attempts to apply for credit in their name.


Josh Taylor and Ben Butler

The GuardianTramp

Related Content

Article image
AFP investigates $1m ransom demand posted online for allegedly hacked Optus data
Attorney general Mark Dreyfus has been briefed by the privacy commissioner about hack and is seeking ‘urgent’ meeting with telco

Royce Kurmelovs

24, Sep, 2022 @7:20 AM

Article image
Optus data breach: everything we know so far about what happened
Who is the attacker? How was the data accessed? What was taken? Digital security experts explain

Josh Taylor

28, Sep, 2022 @5:30 PM

Article image
Customers’ personal data stolen as Optus suffers massive cyber-attack
Personal information of potentially millions of customers exposed, including names, dates of birth, addresses, and contact details

Ben Doherty

22, Sep, 2022 @5:14 AM

Article image
Optus tells customers affected by data breach they can no longer use passports as online ID
Exposed passport numbers blocked from being used in national Document Verification System

Tory Shepherd

17, Oct, 2022 @7:02 AM

Article image
Purported Optus hacker releases 10,000 records including email addresses from defence and prime minister’s office
Optus CEO says federal police are ‘all over’ post with ultimatum demanding $1m within four days after massive data breach

Natasha May and Josh Taylor

27, Sep, 2022 @1:32 AM

Article image
Optus cyber-attack could involve customers dating back to 2017
CEO says company has not yet confirmed how many people were affected by hack, but 9.8 million was ‘worst case scenario’

Josh Taylor

23, Sep, 2022 @3:04 AM

Article image
Federal government under pressure to reveal Optus data breach plan as FBI called in to help
Sources say Labor is considering options including a parliamentary review or inquiry into massive cyber-attack

Josh Butler and Ben Butler

27, Sep, 2022 @8:53 AM

Article image
Optus data breach: federal police launch ‘Operation Guardian’ to protect identity of 10,000 victims
AFP assistant commissioner Justine Gough said force wanted to ‘supercharge’ protection from identity crime and financial fraud

Josh Taylor

30, Sep, 2022 @2:05 AM

Article image
Anthony Albanese says ‘Optus should pay’ for new passports for data breach victims
Push comes day after states suggest telco will pick up multi-million dollar tab for replacing driver’s licences of affected customers

Josh Butler and Ben Butler

28, Sep, 2022 @9:57 AM

Article image
Optus cyber-attack: company opposed changes to privacy laws to give customers more rights over their data
In its submission to Privacy Act review telco said giving people right to erase personal data would involve ‘significant’ hurdles and costs

Josh Taylor

23, Sep, 2022 @8:00 PM