News Daily


Men's Weekly

Australia

  • Written by The Conversation
The 'Optus hacker' claims they've deleted the data. Here's what experts want you to know

Shortly after Australian telecommunications company Optus announced the identity data of millions of customers had been stolen, a person claiming to be the hacker announced they would delete the data for US$1 million.

When Optus didn’t pay, the purported hacker published 10,000 stolen records and threatened to release ten thousand more every day until the ransom deadline. These leaked records contained identity information such as driver’s license, passport and Medicare numbers, as well as parliamentary and defense contact information.

A few hours after the data drop, the purported hacker unexpectedly apologised and claimed to have deleted the data due to “too many eyes”, suggesting fear of being caught. Optus confirms they did not pay the ransom.

They’ve said they deleted the data – now what? Is it over?

Communication from the person claiming to be the hacker and the release of 10,200 records have all occurred on a website dedicated to buying and selling stolen data.

The data they released are now easily available and appear to be legitimate data stolen from Optus (their legitimacy has not been verified by Optus or the Australian Federal Police; the FBI in the United States has now been called in to help the investigation).

The question then is – why would the hacker express remorse and claim to delete the data?

Unfortunately, while the purported hacker did appear to possess the legitimate data, there is no way to verify the deletion. We have to ask: what would the hacker gain from claiming to delete them?

It is likely a copy still remains, and it’s even possible the post is a ploy to convince victims not to worry about their security – to increase the likelihood of successful attacks using the data. There is also no guarantee the data were not already sold to a third party.

What next?

Whatever the motivations of the person claiming to be the hacker, their actions suggest we should continue to expect all records stolen from Optus do remain in malicious hands.

Despite the developments, recommendations still stand – you should still be taking proactive action to protect yourself. These actions are good cyber hygiene practices no matter the circumstances.

Read more: What does the Optus data breach mean for you and how can you protect yourself? A step-by-step guide

An extra measure offered recently is changing your driver’s license number, ordering a new passport and Medicare card.

However it is unclear at this early stage whether free options to change these documents will be made to all data breach victims, or only a subset of victims.

Can I find out whether my data were part of the 10,200 leaked records?

Reports of people being contacted by scammers suggest they are already being used.

Troy Hunt, the Australian cyber security professional who maintains HaveIBeenPwned – a website you can use to check whether your data are part of a known breach – has announced he will not add the leaked data to the site at this stage. So this method will not be available.

The best course of action in this case is to assume your data may have been released until Optus notifies people in the coming week.

Are the released data already being used?

The least technically sophisticated method of targeting Optus customers is to use the details to make direct contact and ask for a ransom. There are reports blackmailers are already targeting breach victims via text message, claiming to have the data and threatening to post it on the dark web unless the victim pays.

The data have already leaked and claims about deleting the data are untrue. Paying anyone who makes these claims will not increase the security of your information.

Data recovery scams – where scammers target victims offering help to remove their data from the dark web or recover any money lost for a fee – have also become prominent. Instead of helping, they steal money or obtain more information from the victim. Anyone who claims to be able to scrub the data from the dark web is claiming to put toothpaste back in the tube. It isn’t possible.

The data could also be used to identify family members to make the “Hi Mum” or family impersonation scam more convincing. This involves scammers posing as a family member or friend from a new phone number, often using WhatsApp, in need of urgent financial help. Anyone receiving this kind of text message should make every effort to contact their family member or friend by other means.

What else can my data be used for?

The scams involved with these data will only grow in the coming days and weeks and may not be confined to the digital world.

Other possible uses involve activities like attempting to take over valuable online accounts or your SIM card, or setting up new financial services and SIM cards in your name. The advice we provided in our previous article applies to these.

Additionally, anyone with reason to be concerned about physical safety if their location is known (for example domestic abuse survivors) should consider the possibility that their names, telephone numbers and address may have leaked or may in the future.

If you have been the victim of fraud or identity theft as a result of this breach or any others, you can contact IDCare for additional aid and Cyber Report to report the crime.

Read more https://theconversation.com/the-optus-hacker-claims-theyve-deleted-the-data-heres-what-experts-want-you-to-know-191494

Split Corrugated Conduit and Solar Conduit: Protecting Wiring Systems for Modern Installations

In today’s increasingly connected and electrified world, proper cable management is not just a technical detail—it’s essential for safety. For electrical installations, solar setups, and industrial systems, two components play a vital role in cable protection: split corrugated conduit and... Read more

Understanding Shrink Films for Packaging: What You Need to Know

In today’s fast-paced business environment, efficient and reliable packaging is more important than ever. One packaging solution that has gained widespread popularity across industries is shrink films for packaging. This versatile material offers excellent protection, enhances product presentation, and supports... Read more

How to Bulletproof Your Contracts Against Disputes

In the business world, contracts are the backbone of transactions, partnerships and collaborations. Yet even well-meaning agreements can lead to disputes if they’re not carefully drafted by business contract lawyers. To avoid costly legal battles and protect your interests, it's... Read more

Top 5 Providers of SEO Focused Guest Posts in Florida You Can Trust

Many companies today aim to increase their online presence, which is a good use for guest blogging. In guest blogging, you compose content for the benefit of other websites that link back to yours. This promotes your business and increases... Read more

The Role of Litigation Lawyers in Brisbane

Litigation lawyers in Brisbane play a crucial role in the legal landscape, ensuring justice is accessible and efficiently administered for the clients they represent. They have expertise in handling disputes that may result in court proceedings, with their work encompassing... Read more

Edge Computing: Revolutionising Connectivity in the Digital Age

Edge computing is rapidly transforming how organisations process and manage data, bringing computational power closer to where it's most needed. In an increasingly connected world, Microsoft Azure services are at the forefront of this technological revolution, enabling businesses to leverage... Read more