The attack on an Optus database that “At most” consisted of 9 million records of customers is believed to have come from Europe and not China according to the Optus CEO, a key partner of Optus is Harvey Norman.
No passwords were taken, and customers will be told what they must do but not via emails or messages with links for fear of another phishing attack on customers information according to Kelly Bayer Rosmarin who is also keeping competitors up to date on the attack.
“This particular attack is not similar to anything we’ve seen before,” she said.
Despite Harvey Norman being a key partner they may not have been caught up in the breach, Optus has confirmed that its enterprise wing and other brands on its network, such as Coles Mobile and Amaysim, have not been affected.
ChannelNews understands that Optus is working with Australia’s leading cyber security organisation the Australian Signals Directorate to trace the perpetrators of the devastating cyber attack, which exposed passport, driver’s licence and phone numbers, email and home addresses and dates of birth of customers, no passwords were obtained.
A further seven million Optus users had their dates of birth, email addresses and phone numbers stolen.
Optus chief executive Kelly Bayer Rosmarin apologised to the telco’s customers, describing the cyber breach as “absolutely devastating”.
The drama for Optus started to unfold on Wednesday with many crediting the carrier with the swiftness that they went to the media to inform the market and customers that their databases had been “hacked”.
After it was identified, Optus’ cyber team took steps to block it and begin the process of understanding exactly what had transpired and how, Rosmarin claimed in a press briefing this morning.
“It was only late that night that we were able to determine that it was of a significant scope. I think that was sort of a late-night call. And by 2pm the next day we had notified everybody and tried to get all our ducks in a row. From what I understand. It’s probably one of the fastest responses in these sorts of situations,” she said.
She also said that the attacked database was in Australia and that the Singapore owned Company was now working with Federal security authorities and that the attack was now deemed a crime scene and now part of a criminal investigation.
“Unfortunately, given the scale of what we’re talking about, we’re still working through how those organisations would be able to effectively support our customers. So, it’s being explored … we’re talking to a range of different providers and that is still a work in progress.”
Bayer Rosmarin then confirmed that there is no cross-contamination of the Optus data breach with Optus and holding company Singtel’s other business arms.
