Australia’s Optus cyberattack: ‘no passwords compromised’ as company contacts affected customers
- Personal details of up to 10 million customers accessed in one of Australia’s biggest cybersecurity breaches
- Company, owned by Singapore Telecommunications Ltd, says no passwords or financial details have been compromised in the attack
Chief executive Kelly Bayer Rosmarin said on Friday she was angry and sorry that an offshore-based entity had broken into the company’s database of customer information, accessing home addresses, drivers licence and passport numbers of the equivalent to 40 per cent of Australia’s population.
“I’m angry that there are people out there that want to do this to our customers. I’m disappointed that we couldn’t have prevented it ... and I’m very sorry,” she added.
In an update on Saturday, the company, owned by Singapore Telecommunications Ltd, said it was contacting “all customers to notify them of the previously announced cyberattack’s impact, if any, on their personal details”.
“We will begin with customers whose ID document number may have been compromised, all of whom will be notified by today. We will notify customers who have had no impacts last,” it said in a statement. “No passwords or financial details have been compromised.”
Optus has said corporate customers appeared unaffected by the “sophisticated” hack, which it initially informed customers about on Thursday.
The Sydney Morning Herald on Saturday reported Optus was probing a threat to sell millions of customers’ personal information online unless the company paid $1 million in cryptocurrency to the hackers.