Australian telecommunications giant Optus confirmed on Monday local time that the personal information and at least one valid form of identification of about 1.2 million customers in a network breach it faced last month were destroyed.
Last month, an anonymous online account published the personal details of 10,200 Optus customers. The breach was at the time expected to affect about 10 million Optus customers, equivalent to about 40 percent of the Australian population, and drew heavy criticism from the Australian government.
Late Monday, Optus said the breach also affected expired IDs and personal information of about 900,000 customers, clarifying that "the exposed information did not contain valid or current document ID numbers for about 7.7 million customers. "
The company's parent company, Singtel, said it was assessing the cost of a massive breach by Australia's second-largest telco.
Optus said it had notified affected customers of the data breach after the Australian government urged it to expedite notification to 10,200 customers whose personal information was exposed.
Australian authorities were investigating possible leads. The Sydney Morning Herald published a report yesterday saying Optus had received extortion threats to pay $1 million in cryptocurrency or hackers would sell the personal information of millions of customers. The Australian Federal Police told Reuters that Optus customer data and other "credentials" were available for purchase on the "dark web" and other sources.
0 Comments