Optus - Major Data Breach

Some good resources here.

https://www.cyber.gov.au/acsc/view-all-content/alerts/optus-…

Optus has suffered a massive data breach, compromising the personal information of up to 9 million customers.

About 2.8 million customers have had all their personal details taken in the cyber attack, including their passport and licence numbers, email and home addresses, dates of birth and telephone numbers.

About 7 million had their dates of birth, email addresses and phone numbers stolen.

The breach involves both current and former customers.

This is worrying.

22/9: Optus’s statement.

Mod 26/9: Whirlpool - Check Optus Customer API

Comments

  • +6

    Does this affect MVNOs like amaysim?

    Although OPTUS did acquire amaysim

    • Good question..

    • +19

      I wanted to find out. So, I called up Amaysim asking to speak to their Privacy Officer.
      After being on hold for > 30 min, no one could answer the question, and asked me to submit my enquiry in writing. WTF!

      • +7

        I think everyone should complain to the TIO (https://www.tio.com.au) for this mishandling of information.

        The Privacy Act gives you the right to make a complaint to if you believe an organization has mishandled your personal information contained. I’m not an expert, but this seems to be the case IMO. https://www.oaic.gov.au/privacy/privacy-complaints/external-…

        • +2

          done

        • +2

          Got email from TIO:
          "What happens now
          We have given information about your complaint to Optus Mobile.

          Optus Mobile must work with you to see if together you can find a solution to your complaint. Optus Mobile has until the end of the day on 11 October 2022 to do this."

          • +1

            @yoquierotaco: So the TIO's automatic response was to log your complaint and give your info to Optus.

            More gov ineptitude, making things worse. Couldn't possibly be anything to do with root cause.

            Submit your data to us to follow up on the data you gave to them, and got breached. How does giving more of your data to more parties, let alone a party proven unfit to collect PII in the first place.

            If the attacker still has access, which is usually the case, a query to filter everyone that has already raised a complaint is a useful way for them to sell 'value adds' to the miscreants they are selling the data to. E.g. Would you like to subscribe to our 'avoid list' to help you avoid attacking the profiles that are most likely to notice illegal activity on their accounts?

            When the Optus Execs make it through this, they'll be head hunted by all the other negligent corporates mining consumer data.

      • +2

        delaying tactic but i guess its typical

        i think assume the worst

      • +5

        privacy officers be updating their resume this weekend…

    • +11

      https://www.news.com.au/technology/online/hacking/up-to-9-mi…

      "Optus-owned telcos don’t seem to be affected, with a spokesman from Amaysim telling NCA NewsWire the company has not experienced a breach. "

      Keep a very close watch on this as SingTel needs to provide a more detailed debrief than "We are devastated…"

    • +3

      Optus replied to a tweet asking whether Amaysim accounts were included in the hack and they said "No"

      https://twitter.com/Optus/status/1572836246111428609

    • +8

      Aussie Broadband confirmed a couple of hours ago:

      "We have received in writing from Optus that the wholesale platform was not part of the data breach."

      Also noteworthy was the comment that the only data they share with Optus in the first place is mobile number, SIM ID and date of birth. So it seems in their case at least, they're only passing on what's required (for porting) and keeping other customer details to themselves. That's reassuring if also the case for other MVNOs.

    • +1

      https://www.optus.com.au/about/media-centre/media-releases/2…

      Has Amaysim customer data been impacted?
      No. Amaysim customer data is not affected by the cyberattack.

  • +22

    Remember when the government banned Huawei? Well Optus continue to use Huawei enterprise gear all over the place. They're not phased.

    • +10

      Yeah but i doubt it through the Huawei hardware.

      • +30

        Oh I'm not saying it was. More of a somewhat related fact about Optus and their security.

        Other telcos wouldn't touch Huawei gear with a ten foot pole.

        • +3

          I like your new display picture lol

        • +2

          I thought TPG/Voda are quite happy to have Huawei?

          • -1

            @Lord Fart Bucket: There's more than just those 3. Can't say I've ever worked Enterprise for either however.

        • +1

          what is wrong with huawei though

          • +8

            @Needles:

            what is wrong with huawei though

            This should give you an idea. Imagine having the backbone of your communications at the behest of the Chinese Communist Party?

            • +8

              @Lord Fart Bucket: The article didn't present any concrete evidence.

              "The UK government’s decision to ban Huawei 5G equipment and services “had nothing to do with national security,” and was because of American pressure, a former business and industry minister has said."

              https://www.euractiv.com/section/politics/short_news/uk-bann…

              • @Tranquiliser: Australia was the first country to ban Huawei 5G and they were clear it was done on security grounds. The UK government had a different opinion and Australia was lobbying them to ban Huawei along with the US. Intelligence agencies are not in the habit of releasing their evidence to the public as that would compromise their sources. This means we have major governments that are supposed to be sharing their intelligence sources coming to very different conclusions.

                • +6

                  @trongy: What do you mean compromising sources? Watched too many Bourne movies?

                  How much do you know about technologies? Enterprises have tons of network monitors, analysers and firewalls running 24/7. If Huawei did build a backdoor in their network devices for unknown purposes, an unknown internet connection wouldn't been blocked and identified in a minute.

                  For years, none has found a back door in Huawei devices. The accusation was groundless and political weapon.

                  • @Tranquiliser:

                    What do you mean compromising sources? Watched too many Bourne movies?

                    What I am saying is that this is how intelligence organisations operate in general. There's nothing fictitious about the existence of intelligence agencies - most nations have them. The ASD is one such intelligence organisation. Intelligence sources could be publicly available information, private communications monitored by the ASD, reverse engineering of the devices by the ASD, or information provided by allied countries intelligence agencies. The government could have evidence or there could be no evidence. I don't expect the truth to be made public in my lifetime.

                    The ASD advised the Australian government to ban Huawei equipment. The director-general of the ASD has said publicly that it was a security decision. For all I know, he could be lying. I have no way of knowing for sure.

                    How much do you know about technologies?

                    I'm not an expert, but I do have an awareness of how enterprise networks are monitored. I'm also aware of my own ignorance. The superpower nation states are able to recruit some of the smartest scientists and engineers into their intelligence organisations so I would expect them to have the experts.

                    an unknown internet connection wouldn't been blocked and identified in a minute.

                    That is true but I can think of a couple of obvious ways to work around this:
                    - use a known internet connection (e.g. to a third party that has been compromised).
                    - don't use an internet connection ( i.e. use some form of out of band communication).

                    I'm not particularly devious, I would expect intelligence agencies to come up with ideas that I would never think of.

                    For years, none has found a back door in Huawei devices.

                    Lack of public disclosure does not prove lack of discovery. For example, if NSA has discovered a back door in Huawei equipment I would not expect them to reveal it publicly. If Chinese intelligence discovered back doors in Cisco equipment I would not expect them to reveal it publicly.

                    Lack of discovery does not prove they don't exist. Until the Snowden leaks, a lot of the NSA's technologies were not known publicly and those that were talked about were considered wild rumours.

                    • -1

                      @trongy: Your workarounds are untrue for enterprise networks. Firewalls and security policies are strictly defined. "Out of band communication" is a fantasy that only exists in your dream.

                      So you admitted there was no concrete evidence.

                      Lack of discovery does not prove they don't exist.

                      Yep, you should be guilty for the crimes that you did not commit, because lack of discovery doesn't prove you are innocent.

                  • @Tranquiliser: Just like they found 2020 US elections were the most secure in History?…What a Joke, just because corrupt or inept people find no back doors does not mean it's not there. Regardless there are backdoors into all systems whose backbone is RSA tech which is 99.999% of the internet. The choice is do you prefer China or the US access to your data. Quantum Computers can crack RSA very quickly and before you say Quantum computing does not really exist yet ask yourself why Estonia is working on developing Quantum antivirus. I'm not saying this hack was done via quantum computing, most likely it's an inside job involving blackmail or some other traditional form of gaining access. Time will tell I guess.

                    • +4

                      @Abraxsas: A fun fact is that the backdoors in the Cisco routers were revealed decades ago. However Chinese government did not ban Cisco devices. Instead they continued using Cisco devices as such Cisco enjoyed the biggest market share in China.

                      The choice is do you prefer China or the US access to your data.

                      • Routers have limited computing capacity. It is not possible for routers to decrypt HTTPS traffic at real time.
                      • Routers can't access user data in your computers.

                      Why should I be worried about China or US accessing my data through network devices?

                      Even with a US or TW brand router, it is likely made in China or has Chinese brand chipsets. Without trust, you can't run a business because every employee is potential criminal.

                      • +1

                        @Tranquiliser: Sadly you are right about chipsets there is virtually no avoiding them if you want current tech although TSMC has made moves to start producing in the US so make of that what you will.
                        "Why should I be worried about China or US accessing my data through network devices?"
                        The main reason you don't want either of them accessing your data is to nullify or reduce as much as possible AI building a digital ghost of you which can as is already being used by intelligence agencies to CONTROL you. These programs are way beyond most people's realization, they know you better than you yourself. Generals either former or serving access your data via software such as Shadownet or Pegasus (aka Q) for mostly bad reasons (some exceptions I'm sure) and sell it to third party state actors. The whole premise of "why should I be worried" is really a very Aussie thing to say, like she'll be right…and the simple fact is 99% of us really do trust our "Leaders & Technology" far too easily and for that reason things are heading in a bad direction (The Great Reset). Moves and countermoves being played out right now as imbeciles like Penny Wong play with fire provoking the Russian SuperPower whilst sucking up to the CCP for Help lol
                        Fun Fact: Pegasus is run by the almost 1000 year old Knights of MALTA who coincidently was recently disbanded by POPE Francis who also has recalled all Vatican cash assets from around the world to be sent back to Vatican City by Sep 30th.

                • @trongy: I wouldn't necessarily be so quick to jump to that conclusion…they may have their reasons for doing so that we're not aware of

              • @Tranquiliser: Huawei were caught in 2012 uploading a bunch of traffic data to China then they tried to cover their tracks via a firmware update. This is what has led to Huawei being banned.

                https://www.bloomberg.com/news/articles/2021-12-16/chinese-s…

                • @ProlapsedHeinous: I already tried that. He believes you need a cyber security degree to even talk security.

                  But look at his previous comments years ago… mostly Huawei. Probably an employee.

            • @Lord Fart Bucket: better than some kid in Europe asking for 1.5 mil after what he's done?

              He probably doesn't know the magnitude of his doing as yet.

              • @Jammar: it's incorrect to assume that's the end of it btw.

        • +3

          Other telcos wouldn't touch Huawei gear with a ten foot pole.

          If it weren't enforced by AU government, I'm sure TPG would embrace Huawei with open arms.

        • -2

          "Other telcos wouldn't touch Huawei gear with a ten foot pole" - evidence? It sounds like you are making spit up, mate.

      • Once Optus has your data, it could easily end up in Singapore. For all we know, it goes there by default.

        Half way to the CCP's bottomless, redundant, data store.

    • +9

      I’d say, identity theft may become a problem.

      Unfortunately, not every state allows a new DL number.

      • +1

        So in this breach Huawei is the weak link ?

        Not saying that at all. Just Optus seem to care less about security than other telcos in my experience when I used to install gear for the major telcos.

        • +2

          Is there anything to substantiate your feelings further than the fact that they used Huawei gear?

          • -1

            @[Deactivated]: Why are you having a sook? It's a simple fact that Optus use Huawei. Do you need proof? Or will that upset you further?

            • +5

              @Clear: Nah lol I know they use Huawei gear mate, I'm just asking if you had any stories about their poor security from your experience, or if you were just basing it on continuing to use Huawei gear….

            • +5

              @Clear: Its also a simple fact that Optus used Huawei for its mobility backhaul and NOT its security or data infrastructure. Lets see what Optus say about the actual breach before sprouting stuff made popular by political propaganda.

              • @FlyingMiffy: People are really offended by saying Optus use Huawei. It's as if you think I'm blaming that when I said I wasn't.

        • +1

          Lol - it's not just optus or telcos. It's all most enterprises in general, including federal and state governments.

          • @Wilson Wallace: Makes you wonder why they even bothered to ban them Huawei for 5G in the first place.

            • +2

              @Clear: The ban was related to national security which backfired so China imposed sanctions and tariffs on us but it was more so, let's only buy "Western hardware" so America doesn't get upset.

              This hack relates to incompetence and processes.

              • @Wilson Wallace: Yup certainly not blaming Huawei for any of this.

              • +1

                @Wilson Wallace: The ban was not related to national security per se, it was about geopolitical pressure to contain another country whose political orientation is not the same as ours.

        • +1

          Fed and state have the worst security posture in all of Australia

      • +18

        Exactly. They are like "… sorry your passport number, DL number, DoB, address, email, and phone number have been compromised. But don't worry, your credit card details are safe with us"

        I would rather them take my credit card details. That you can dispute and get the money back, and then get the card easily replaced with just one phone call.

    • +15

      They're not phased? Is that single phased? Three phased? I think you mean fazed, which is something else altogether.

      • Yes.

      • +4

        I just hope they faze out their susceptible hardware and can move on to another faze

        • +7

          You should see the look on their faze

      • +1

        Be careful, Muphry's law is a thing.

    • +1

      Was there any proof huawei was spying on anybody?

      • -3

        https://www.bloomberg.com/news/articles/2021-12-16/chinese-s…

        There's an interesting read about the 2012 incident. I don't know for certain which company it was.

        • +1

          don't just learn from news articles. Learn with your brain

          • @Needles: I pointed out Optus use Huawei nothing more. Then I linked an article describing why the government had banned Huawei from 5G. So what's your problem? Are neither of these true?

            • +7

              @Clear: They never released any proof Huawei was spying for the Chinese Government, but Edward Snowden released a lot of proof that the US government was spying on its citizens and others.

              • +2

                @ItchyBallsack: And you believe that China would never use hardware from their country to spy on others? Like how the NSA used Cisco gear.

                The accounts that don't vote or post are out in force to discredit that China does anything bad. Poor shills.

                • +5

                  @Clear: @Clear: i will only believe it when i see solid evidence, like what snowden provided.

                  • +2

                    @ItchyBallsack: By definition, most governments won't release the proof you are looking for, as it would either anger China for no good reason, or reveal how the proof was gathered.

                    The evidence we do have is that Chinese companies are required by law to provide the Chinese government access to their systems and information wherever it is deemed necessary for national security reasons, which pretty much means any reason they like.

                • +3

                  @Clear: We are way off topic here, but the banning of Huawei gear was a joke to anyone who had read up on the Snowden papers. The yanks used a lot of Cisco stuff to spy on their supposed friends, including for industrial espionage (the deal seemed to have been that US tech companies help the NSA and in return the NSA help nobble foreign competition). To be fair, I suppose the ease with which the yanks did that is what led us to think that the Chinese would do it too.

                  • +1

                    @derrida derider: You definitely have to assume that what the US does, China does as well with their Chinese brands.

          • +2

            @Needles: How do you learn about this with just your brain?

      • +7

        Staff from ASIO, DFAT and all three branches of Military intelligence have submitted tens of thousands of examples of spying attempts and breaches through Huawei equipment to the various Senate Committees over the last decade. Not just in context of it happening here in Australia, but of it targeting Australian interests overseas and attempts to target the interests of our Five Eyes alliance members in Australia, too. How much of it has been declassified for public consumption though is likely fairly limited, for obvious reasons.

        • +9

          yes that's the same way how the American provided ten and thousand evidence of WMD in Iraq. All they found was gold and oil.

        • -1

          Dunno how so many people here fail to believe it. Conspiracy theory could be that the Huawei employees are out in force.

          • @Clear: The more you know about technologies, the clearer you will know the accusation against Huawei is total BS.

            Check this out:

            "The UK government’s decision to ban Huawei 5G equipment and services “had nothing to do with national security,” and was because of American pressure, a former business and industry minister has said."

            https://www.euractiv.com/section/politics/short_news/uk-bann…

            • +1

              @Tranquiliser: That's not Australia where there really was a breach.

              • +1

                @Clear: A breach? Between 1 April 2018 and 31 March 2019 the Office of the Australian Information Commissioner (OAIC) received almost 1000 data breach notifications. None of them was caused by infrastructure hardware.

                • -2

                  @Tranquiliser:

                  None of them was caused by infrastructure hardware.

                  Who said there were any?

                  • @Clear: How many incident reports have you seen?
                    Which report indicates an incident was related to infrastructure hardware?
                    Have you done any cybersecurity training at least?

                    You wouldn't ask this question if you have relevant qualifications.

                    • -1

                      @Tranquiliser: I think a better question is who said an incident was related to infrastructure hardware before asking which report.

            • @Tranquiliser: Thats exactly right. The more the tech is the focus, the more obvious that it had nothing to do with the tech. I get annoyed with hypocrisy and the righteous condemnation from people who see only the world in black and white.

        • All data breaches must go through some network hardware, Cisco is the largest, followed by Huawei, HPE, Juniper and others.

          The accusation of spying attempts and breaches through Huawei equipment is meaningless, as if it is saying thousands of criminals went through a highway to victims as such the builder of the highway is guilty.

          • +1

            @Tranquiliser: Not when the firmware comes from Huawei to be remotely installed to hide tracks. I'm sure there's some sort of digital signature required to allow hardware to be updated remotely. Huawei were bad at covering their tracks though, as parts of the software used to harvest traffic data were found when the piece of hardware in question was forensically examined. All companies that work for China have to do whatever the CCP say. There is no Chinese made software that is safe from government intrusion.

            • @ProlapsedHeinous: Don't be paranoid. Do you want your devices never be patched with security update? Ever wonder why Windows update is enforced? Even your phone can update apps for you automatically.

              All companies comply with China's domestic policies for products sold in China.

              • E.g. Facebook was used to organise a riot in XinJiang back in 2009 where hundreds of innocent civilians were killed. A small scale of 911 if it makes sense. China's government asked Facebook to assist tracking down the rioters, Facebook rejected and claimed those criminals were freedom fighters. So next year Facebook was kicked out of China.

              • The domestic policies don't apply overseas. This is the reasons sometimes you see products exported from Chinese don't sell in China.

              China makes profits from manufacturing selling products. Google makes profits from collecting user data and selling ads. Different business models.

              parts of the software used to harvest traffic data were found

              What traffic data? As I said before, unless you put a Quantum CPU into a router otherwise your router can't decrypt any user data in the network traffic.

      • +4

        The NSA material leaked by Edward Snowden revealed that the US government was installing back doors to facilitate spying into the telco equipment that US companies sold to other countries. Australia has an information sharing agreement with the US through the Five Eyes programme. Even if the Chinese equipment was not used for spying, the Australian would lose access to the information that they could otherwise gather from phone networks built with US equipment.

        Even if there is no evidence, from a security perspective you need to assume that foreign governments are spying to the limit of their capability. If you wait for evidence you could be 10 years too late.

        • -2

          Even if there is no evidence, from a security perspective you need to assume that foreign governments are spying to the limit of their capability. If you wait for evidence you could be 10 years too late.

          Whoa careful saying that around here. According to Tranquiliser you need a cyber security degree to say such a thing.

          But seriously how do people not see this. Given that the majority of OzBargain users are Chinese what are the chances they're being pro-CCP by trying to downvote anyone that suggests otherwise. There's already a lot of store influence here.

          That's enough tinfoil hat talk from me.

    • +2

      Data transmission is encrypted in the software layer. From network hardware perspective, the data carried is a sequence of meaningless 0 and 1 at its best.

      I suspect a high-level administrator account in OPTUS was leaked, therefore the intruder had been granted to access to all user profiles in the database.

      Don't blame the legs when your brain malfunctions.

      • Who said I blamed Huawei? I didn't.

      • Data taps, and keys.

        The rest doesn't take much, other than legislation after the fact to allow you to collect and search. And if you can't get the keys, all you need is some serious compute.

        No shortage of that in the toolboxes of most States.

    • +1

      Fazed? or is it phase they are going through?

    • +1

      https://twitter.com/Jeremy_Kirk/status/1573833092942348288 "The Australian government is swiftly moving to address data security concerns in light of the Optus breach"

      • +2

        Hope the Australian government can impress upon the Victorian government to issue new driver licences to those impacted.

      • +1

        I think they will require banks and/or other financial institutions to sight at least 2 forms of ID or verify online 2 forms through the government portal.

        So it will be hard for these hackers to apply for a line of credit unless they have your other id documents

        Also my understanding the government will require optus to provide some type of details of the people affected to banks so they can do their due diligence to prevent any financial fraud. So likely if some hacker tries to apply for credit, a red flag will alert the bank and they would contact the customer for further id verification

  • +48

    I would hope that at some point they provide more information about who is in the Optus customer information database. The press release refers to past customers, but is it just recent past customers, or every customer Optus has had ever? And when it refers to Optus customers, is that only customers who were directly Optus customers, or does it include customers of Optus MVNOs like dodo and Circles and Amaysim and Spintel?

    Plus the question needs to be asked why Optus saved information we only gave it to pass an ID check. Once you've passed there is no legitimate reason for any phone company to hold onto it. That just creates the opportunity for someone to steal it.
