A cyber security expert has refuted claims the Optus cyberhack that exposed millions of customers’ details was “sophisticated”, saying that an online poster claiming to be the hacker has already publicly released the details of 10,000 Optus customers.
Brett Callow, a Threat Analyst at Emsisoft, said that an anonymous account claiming to be responsible for the account has posted a message online in which it claims to have already publicly released the stolen private information of 10,000 customers.
The post also includes a threat that more batches will be released each day for the next four days unless demands are met.
Callow told Today that based on the information he had received, the hack did not seem sophisticated and could have possibly been done by a single young person.
“It would sound like something potentially a high school kid could’ve pulled off.
“That’s not unusual. Young people have been responsible for some of the biggest hacks of recent times.”
Callow said not a lot can be done to protect the information unless the perpetrator is apprehended, which he admits is “easier said than done”.
“If it was easy to track down hackers, there would be no hackers,” he said.
He added the motive of the hacker is “pure and simple”; it comes down to money.
A self-declared “evil genius” claiming responsibility for the hack has allegedly demanded A$1.5 million in ransom money from Optus.
“This has become more and more of an issue in recent years.
“People are weaponising companies’ customers. They are stealing their data, and in some cases, they are actually contacting the people to which the data relates.”
Customers ‘violated’ by hack
An estimated 9.8 million customers’ details are believed to have been compromised in the breach, which came on the National Day of Mourning last week.
Beth Snape, one of the millions caught up in the hack, said she feels “violated”.
“It doesn’t leave me feeling very well,” she said, revealing she’s a silent voter because of the job she does.
“We received a letter to say we’ve been compromised.
“It’s a real concern for from my point of view. I’m trying to protect my own family and had security measures in place for that and it seems to be compromised now.
“I don’t know how we can protect everybody. I really don’t know.
“I’m at a loss to know what to do.”
“No copies of photo IDs have been affected,” Optus added.
Customers are urged to watch out for suspicious activity across online accounts, and to be weary of any calls, emails or texts from potential scammers.
“Never click on any links that look suspicious and never provide your passwords, or any personal or financial information,” the company said.
Customers are also urged to change their passwords, and implement two-factor authentication on all accounts.
The company yesterday pledged to offer free credit monitoring to its “most affected” customers, following a call to action by Home Affairs Minister Clare O’Neil.
“Optus is offering the most affected current and former customers whose information was compromised because of a cyberattack the option to take up a 12-month subscription to Equifax Protect at no cost,” it said in a statement.
“Equifax Protect is a credit monitoring and identity protection service that can help reduce the risk of identity theft.
“The most affected customers will be receiving direct communications from Optus over the coming days on how to start their subscription at no cost. Please note that no communications from Optus relating to this incident will include any links as we recognise there are criminals who will be using this incident to conduct phishing scams.”
The statement does not, however, say what constitutes a “most affected customer”.
Scammer’s plot brought undone by several glaring mistakes in text message
Share this news on your Fb,Twitter and Whatsapp
Times News Network:Latest News Headlines
Times News Network||Health||New York||USA News||Technology||World News
