Sep 28 2022
The last several days have been a rollercoaster of information, regarding the Optus Data Breach. From a technical perspective, we break down what happened (or is alleged to have happened) and what to do.
How did it happen?
Allegedly the ‘hacker’ accessed the information by a vulnerability in Optus’ security protocols. However, Optus refutes these claims and maintain that this was a sophisticated attack by a highly skilled scammer.
Regardless of which is true, accessing basic personal information from a large corporation is clearly possible.
As the news of this fallout has continued, the likelihood that this was a sophisticated attack seems less likely. The alleged ‘attacker’ has since apologised for the 10,200 names that were released. They have promised not to sell any information and have deleted the files.
Although the attacker has stated these files have been deleted, customers should still be wary that the information may still be available somewhere, such as on the Dark Web.
The Dark Web is an area of the internet that normal internet-goers do not access. The platform is widely used for illegal activity including the sale of personal information. There is an online marketplace dedicated to the sale of data. Attackers will pay for quality and real information to use for phishing scams or spam attacks and other things of the like.
Can it happen again?
Absolutely. Unfortunately, even with sophisticated security protocols in place, there are even more sophisticated hackers and programs designed to get around them. Large corporations such as Optus do have solid firewalls and other security measures in place. However, as we know are not infallible.
Staying vigilant as an individual is paramount. Looking for signs of phishing scams, avoiding clicking on links that have been sent directly to you, and looking for other signs that what is presented to you isn’t quite right good practice.
What do I need to do?
If you are one of the 10,200 customers that have been affected by this data breach, you can now get a new driver’s license free of charge.
NSW customers can visit the Service NSW app and receive a new license instantly.
QLD license holders can expect new licenses and numbers issued free of charge also, upon providing an Optus data breach notice at a Queensland Transport Customer Service Centre.
Victorian customers need to reach out to VicRoads to have their license flagged. Customers will need to provide multiple points of ID, for a new new license to be issued.
Other states such as WA are requesting a police report for the re-issue to take place, SA can access via their app mySAGOV, and the ACT can simply go and change their license. Tasmania has not yet determined how they will re-issue new licenses yet.
The AFP has set up Operation Hurricane to track down the attacker and prosecute them for the current data breach.
Over the coming weeks and months, the true scope of what happened and who was to blame will hopefully come to light and we hope that Optus has taken this incident as a stern warning to better protect the valuable information that their customers are expected to provide.
Like this article? Follow us on Facebook for more info, tips and tricks!
