Uncovered Hacker’s Ransom Letter to Optus
An alleged attacker seeking a ransom payment of 1 million USD from Optus in exchange for customer records published 10,000 records online on Tuesday 27th of September; the hacker then issued an apology online, and the hacker’s account on the forum was then shut down by authorities.
On Monday night, 26th of September, the alleged attacker uploaded a text file of 10,200 records to a data breach website on the dark web and promised to leak more records each day for the next four days unless Optus paid $1 million USD in an untraceable cryptocurrency called Monero.
The leaked text file contained full names, gender (Mr, Mrs), dates of birth, email addresses, driver’s licence numbers, passport numbers, Medicare numbers, phone numbers and home addresses. The list also included dozens of state and federal government email addresses, including from the defence department and from the Department of Prime Minister and Cabinet.
By late morning on Tuesday 27th, the alleged attacker had had a change of mind, and their account on the dark web chat group had been shut down. Please see the actual message from the hacker below:
This sudden change in events will not bring relief to Optus customers worried about being caught up in the data breach. See the actual post below from the dark web chat group:
Optus is claiming the data breach occurred due to a “sophisticated attack”; the federal government maintains that it was due to a simple error by the company that had left the data accessible to anyone online and that the data was very easily accessible by anyone with basic computer programming experience.
It is not known with 100% certainty whether the alleged attacker is the person or entity who obtained the confidential customer data.
The attorney general, Mr Mark Dreyfus, confirmed that the FBI in the US was assisting the AFP operation to discover who might have accessed the Optus data.
There are suggestions that some scammers are already trying to capitalise on the breach by targeting Optus customers.
The Commonwealth Bank of Australia said on Tuesday it had blocked an account referenced in a spam SMS message designed to extort $2,000 from poor victims of the Optus client data breach.
Written by The Original PC Doctor on 29/9/2022.