Optus cyberattack: Authorities probe ransom demand

Home Affairs and Cyber Security Minister Clare O’Neil revealed that “basic personal information” (such as names, dates of birth, phone numbers, and email addresses) was taken from 9.8 million Optus customers and personal data (such as driving license and passport numbers) from 2.8 million customers.

“The scope for identity theft and fraud is quite significant,” O’Neil said, as reported by Bloomberg, emphasising that Australia’s data and technology defences are years behind cyber criminals.

Read more: Australian telecom Optus hit with massive cyber attack

“We are probably a decade behind in privacy protections where we ought to be,” O’Neil said, as reported by Bloomberg. “We’re about five years behind where we should be in cyber protections when it comes to how fast things are moving.”

Optus has assured that payment details and account passwords have not been compromised. However, it advised current and previous customers to have “heightened awareness,” including looking out for unusual or fraudulent activities or notifications.

Cyberattacks have been rampant since the COVID-19 pandemic started. In 2021, a cyber report found that security incidents remained high throughout the year, with four in 10 Australian businesses successfully breached. Australian IT leaders ranked ransomware, malware, and phishing or whaling as the leading sources of increased cyber security attacks.

In early 2022, a cyber risk index found that 76% of global organisations surveyed expect to be successfully breached for the rest of the year, with 25% claiming it is “very likely” to happen.