What we know about the cyber attack on Optus and how to protect yourself online.
A cyber attack on the phone company Optus could have led to a data breach that could have affected both current and former customers.
Optus says it noticed “unusual activity” yesterday afternoon and is now working with the Australian Cyber Security Centre and the Australian Federal Police to figure out what happened.
Here’s what we know about the attack and what you can do to protect yourself online.
What kind of information could have been made public?
Optus says the following kinds of information could have been leaked:
- Names of customers;
- Birthdates;
- Phone numbers;
- Email addresses;
For some customers only:
- Addresses
- Numbers on ID documents like driver’s licenses or passports
Optus says that no payment information or account passwords have been lost or stolen.
Also, Optus services, like mobile and home internet, are not affected, nor have messages or voice calls been hacked.
The company says that it is still safe to use Optus services and that they work as usual.
Who has the cyber attack affected?
CEO of Optus Kelly Bayer Rosmarin says that the cyber attack could have affected both current and past customers.
Ms. Rosmarin says that a “significant” number of people are affected, but she didn’t give a number because it’s still too early.
She told ABC’s Afternoon Briefing, “We want to be absolutely sure when we say how many.”
“We’re really upset because we spend so much time and money trying to stop this from happening.”
Our teams have stopped a lot of attacks in the past, so it’s very disappointing that this one worked.
How can I improve my online safety?
Optus says they don’t know of any customers who have been hurt, but they still want people to be “more aware” of their accounts and keep an eye out for any strange or fraudulent activity or notifications that seem odd or suspicious.
Optus has suggested that people look for information from reliable sources, such as the government’s Money Smart platform and the Identity Fraud page on the website of the Office of the Australian Information Commissioner.
Optus says it will send “proactive personal notifications” and offer “expert third-party monitoring services” to customers who are thought to be at a higher risk.
Clare O’Neil, who is the Minister for Cyber Security in Australia, says that all Australians need to strengthen their cyber defenses to protect themselves.
The Australian Centre for Cyber Security (ACSC) suggests:
- Keeping your devices up-to-date to protect important information
- Securing your accounts with multi-factor authentication
- Backing up your data regularly to the cloud or an external hard drive
The ACSC website has step-by-step instructions on how to use these tips on Apple, Android, and Windows devices.
