Australian Company Optus Experienced a Major Ransomware Attack

Digital transformation has become the norm among companies and organizations. Crucial information related to business activities and customer details is stored in cloud storage for easy retrieval and convenience. As a result, cyber security becomes a primary concern for safely maintaining critical information. Despite that, major organizations are constantly experiencing ransomware attacks from cybercriminals. This time, it’s the Australian telecom company Optus that became the target.

Optus is one of the largest global telecom companies in Australia. Recently, it was announced that the organization had suffered a massive ransomware attack, leading to the theft of data belonging to millions of customers. Experts believe that it is one of the worst cyber attacks in Australia. The successful ransomware attack has also raised concerns about data privacy practices in Australia.

Optus Data Breach Details

The attack has caused the loss of sensitive customer information, which includes names, addresses, email and phone contacts, and information related to driver’s license numbers and passports.

  • An anonymous user with the name “Optusdata” demanded a ransom of $1 million (A$1.5 million; £938,000) from Optus. The ransom has to be paid in cryptocurrency.
  • The same user seemingly released details of 10,000 customers online but deleted those after a few hours, calling the incident a mistake.

Australian investigators are actively looking into the root cause of the Optus cyber attack. Investigations claimed that Optus had a crucial vulnerability: an online API that didn’t require any kind of authorization for accessing customer data. As a result, this vulnerability could be exploited by anyone who knew that particular URL. The breach was ‘sophisticated’, as several European IP addresses kept changing at the time of the attack. Rumors claimed that the culprits could be state-sponsored hackers.

Although Optus claimed that the cyber system had multiple layers of protection and stored data was heavily encrypted, hackers managed to steal personal information such as full names, birth dates, contact numbers, and email addresses of several customers. Some customers have also lost their home address, passport information, driver’s license, and Medicare details. The Australian government declared that those individuals were at significant risk of online fraud and identity theft.

According to Optus, almost 9.8 million people suffered due to the cyber attack, and 2.8 million people were severely impacted. Around 17,000 people with Medicare numbers and 10,000 users with passport numbers were exposed due to the attack. Although some of the data was posted by “Optusdata”, it is not certain whether the same person is responsible for the data breach.

How to Prevent Data Breach

The massive Optus data breach has raised concerns about maintaining data privacy, confidentiality, and integrity. It is only a matter of time before other companies encounter such a cyber attack.

The following precautions need to be taken to minimize online threats:

  • Constant monitoring of network activities to quickly identify any suspicious activity
  • Periodically conducting web application audits to identify potential vulnerabilities
  • Security control review to prevent any gaps or weaknesses
  • Identifying any unprotected systems or unpatched devices to quickly apply the necessary solutions
  • Deploying solutions like risk assessment, endpoint detection, and response
  • Using a proactive cyber security plan to improve the cyber resiliency of the system
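
The unauthenticated API described in the investigation findings above is the kind of gap a web application audit can catch from the API description alone. The following Python code is an added example, not code from Optus or from the original article: it takes an OpenAPI 3 description as a dict and lists every operation that can be called with no credentials. The sample description, its paths and the `bearerAuth` scheme name are constructed for illustration.

```python
"""Audit an OpenAPI 3 description for operations callable without credentials."""

HTTP_METHODS = {"get", "put", "post", "delete", "patch", "head", "options", "trace"}


def allows_anonymous(requirements):
    """True if an OpenAPI `security` list admits a caller with no credentials."""
    if not requirements:  # key absent, or an empty list: no requirement at all
        return True
    return any(req == {} for req in requirements)  # {} makes authentication optional


def unauthenticated_operations(spec):
    """Return sorted 'METHOD /path' strings for operations needing no auth."""
    global_security = spec.get("security")  # default applied to every operation
    findings = []
    for path, item in spec.get("paths", {}).items():
        for method, op in item.items():
            if method.lower() not in HTTP_METHODS or not isinstance(op, dict):
                continue  # skip non-operation keys such as 'parameters'
            # An operation-level `security` key, even [], replaces the global one.
            effective = op["security"] if "security" in op else global_security
            if allows_anonymous(effective):
                findings.append(f"{method.upper()} {path}")
    return sorted(findings)


# Constructed sample description (paths and scheme name are illustrative only).
SAMPLE_SPEC = {
    "openapi": "3.0.3",
    "security": [{"bearerAuth": []}],
    "paths": {
        "/health": {"get": {"security": []}},  # deliberately public
        "/customers/{id}": {
            "parameters": [{"name": "id", "in": "path"}],
            "get": {"security": []},  # override silently removes auth
            "put": {},  # inherits the global bearerAuth requirement
        },
        "/customers/{id}/documents": {
            "get": {"security": [{}, {"bearerAuth": []}]},  # auth optional
        },
        "/orders": {"post": {"security": [{"bearerAuth": []}]}},
    },
}

if __name__ == "__main__":
    for finding in unauthenticated_operations(SAMPLE_SPEC):
        print("no authentication required:", finding)
```

A finding only means the description declares no requirement: deliberately public endpoints such as a health check belong on an explicit allow-list, and the running service still has to be tested against the description.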

The best protection against a data breach is to receive managed security services. As a CERT-In empanelled agency, Prime Infoserv LLP is the most preferred cyber security advisor which supports key public as well as private sector enterprises in the industry delivering state-of-the-art solutions on vulnerability assessment and penetration testing (VAPT), managed security services, web application audit, NoC, SoC, SIEM, SOAR, and other security solutions. As a security service provider, we offer top-notch proactive plans that include Anti-Ransomware Readiness (ARR) Audit, a combination of active and passive non-intrusive techniques that delivers a strong and technical process to an organization to mitigate ransomware threats.

Do check our website www.primeinfoserv.com for more details or write us at info@primeinfoserv.com or contact us at +913340085677 for queries.