Hacker releases 10,000 customer records online


“If something comes out of that that indicates that Optus has made an error or done something bad, we will of course take full responsibility for that.”

Asked whether she would take responsibility for the hack occurring on her watch and resign, Bayer Rosmarin said: “All we’re focussed on is protecting our customers. So someone has to be accountable for doing that and that’s exactly what I’m focussed on.”

Optus customers have been left fuming by the company’s response.

One man, who spoke on condition of anonymity, said he had been repeatedly told by Optus customer representatives over the phone on Monday that his data was not “flagged as having been involved”. But late that night he received an email confirming it had been stolen.

“I am frankly appalled,” he said.

In a post shared widely on social media, authored by a purported hacker behind the breach, the extortionist warns that 10,000 records will be released each day over four days unless Optus pays $US1 million.

The personal records of 10,000 Optus customers have been released, according to an apparent extortionist. Credit:Justin McManus

“If you care about customer, you will pay,” the note reads.

Robert Potter, co-founder of cybersecurity firm Internet 2.0, cautioned against giving too much attention to the alleged hacker and their claims, saying there was no guarantee a hacker would return data even if their demands were met.

“You’ve only got their word,” Potter said. “And it only encourages an industry to grow around it.”

Loading

“Efforts to retrieve data are often not very successful once it’s been fully stolen,” he said.

The page where the hacker was posting their claims, Potter said, now itself appeared to be spreading malware according to two anti-virus vendors.

On Tuesday morning the purported hacker posted a message saying: “Too many eyes. We will not sale [sic] data to anyone. We can’t even if we want to: personally deleted data from drive (only copy).”

The veracity of the posts from the purported hacker have not been formally confirmed. Optus and the AFP have been contacted for comment.

However, Jeremy Kirk – the executive editor at Information Security Media Group, a computer security-focused publisher – says it appears legitimate.

He said it appeared Medicare numbers may have been exposed, with the word “Medicare” appearing 55 times across the records.

“There’s no winding this back, once that data is out there,” Kirk told Nine. “You’re not going to sell your house because of a data breach.”

Optus has stressed that investigations are ongoing, as have the federal police.





Source link

Denial of responsibility! planetcirculate is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.