SINGAPORE, Sept. 23 (Reuters) – Optus, part of Australia’s second-largest telecommunications company and Singtel Ltd., said it will contact as many as 10 million customers whose personal information is shared at one time, Reuters reported in Sydney on September 23. It was stolen in a “sophisticated” hack, but the company said no information on corporate customers was leaked.
Optus chief executive Kelly Byer Rosmarin said she was outraged and sorry for the intrusion of an overseas-based entity into Optus’ database of customer information on the scale of what happened in Australia In one of the biggest cybersecurity incidents, hackers obtained information such as home addresses, driver’s licenses and passport numbers of Optus customers.
Byer Rosmarin said there could have been as many as 9.8 million accounts compromised, equivalent to 40 per cent of Australia’s population, although “this is definitely a worst-case scenario and we have reason to believe the actual figure will be lower”.
She said it appeared that corporate customers were not affected, and there was no indication that the intruders had access to customers’ bank account information and passwords. Police and cybersecurity departments are still investigating the cyberattack, which Optus informed customers on the 22nd.
“We will identify which customers are (affected) and proactively contact each customer to make it clear which of their information was leaked or illegally obtained,” Byer Rosmarin said at an online media briefing on the 23rd. She added: “I’m pissed that someone would want to do this to our customers. I’m frustrated that we haven’t been able to stop this…I’m also very sorry.”
She declined to give details about how the attackers breached the company’s security, citing an ongoing criminal investigation, though she said the attacker’s IP address appeared to be moving back and forth between certain European countries, the report said.
As a major telecommunications company, Optus knew it was a target for cyber attackers and often fought off attempts to break into the company’s systems, she said, though “this attack was nothing like anything we’ve seen before. The attack, unfortunately, the attackers succeeded.”
Cyberattacks cannot be stopped in a single day. Long-term commitment to data protection is necessary to avert harm from cyberattacks. Long-term data backup is required for successful data protection. Traditional data backup methods are becoming less adequate for business objectives as modern companies and the volume of firm data rise. As a result, many firms will choose for virtual machines for backup, such as VMware Backup, Hyper-V Backup, and so on.