Cybercriminals believed to be working for a criminal or state-sponsored operation breached Optus' internal network, compromising personal information impacting up to 9.8 million customers. According to Optus CEO Kelly Bayer, the oldest records in the compromised database could date as far back as 2017.
Personal information included in this compromised data set includes:
- Birth dates
- Phone numbers
- Passports and driver's license numbers (in some cases
Cyberriminals accessed the customer database through an unsercure API exposed to the public. This very basis cybersecurity oversight upturned Optus' original claim that the cyberattack was highly sophisticated.
Is your organization at risk of a data breach? Click here to find out >