September 24, 2022
Optus CEO Kelly Bayer Rosmarin has public apologised for a cyber incident that has resulted in an extensive breach of sensitive customer data. She said early indications are that the attack originated from somewhere in Europe. “Without saying too much, the IP address kept moving … it’s a sophisticated attack," she said. "Safe to say…

Optus CEO Kelly Bayer Rosmarin has public apologised for a cyber incident that has resulted in an extensive breach of sensitive customer data.

She said early indications are that the attack originated from somewhere in Europe.

“Without saying too much, the IP address kept moving … it’s a sophisticated attack,” she said.

“Safe to say it comes out of various countries in Europe.”

She said it is too early for Optus to know whether the attack was launched by a state-based actor or cyber criminals, but confirmed that the Australian Federal Police is investigating.

In response to criticism that customers haven’t yet had direct contact, she explained that after learning of the breach on Wednesday, it was decided “to put a call out to all of our customers to be on alert in the best way that we can” – via media organisations.

Breached customer data could date back as far as 2017.

However, Bayer Rosmarin said Optus “has reason to believe” the attack affected far less than 9.8 million customers.

As iTnews reported earlier, Emsisoft threat analyst Brett Callow posted on Twitter that he had seen 1.1 million records purportedly from Optus offered for sale on September 17.

“I want to make it clear that [9.8 million] is the absolute worst case scenario,” she said.

“We have reason to believe that the number is actually smaller than that.

“But we are working through reconstructing exactly what the attackers have received.”

Bayer Rosmarin would not confirm the accuracy or otherwise of Callow’s tweet: “We are still working to validate that that information is relevant and is even Optus data,” she said.

“One of the challenges when you go public with this sort of information is you can have lots of people claiming lots of things … there is nothing that’s been validated and for sale that we’re aware of, but the teams are looking into every possibility.”

Optus said it would prioritise contact with customers that had the largest amount of data exposed.

“Over the next few days, all customers will know in what category they fall.”

Source