A hacker has taken to an online forum where data is bought and sold to seek $1 million from Optus to not release the data obtained in Wednesday’s Cyber Attack on the Australian Telco.
The user known only as “optusdata” posted detailed information in the forum, including links to samples of the data to prove it’s authenticity.
First brought to light in Australia by security researcher and reporter Jeremy Kirk, the claimed sample data includes hundreds of lines of information from two separate files.
They claim one file contains 11.2 million users, the second 10 million.
While it’s likely there are many duplicates across the two files, it’s safe to say there’s far more details exposed than has first been reported.
To validate this claim, EFTM has obtained samples of the data.
We have cross referenced the data with previous hacks, to find user information not already available to scammers and hackers. I then personally called several people, some of whom were shocked and hung up, others confirmed the details on file were accurate.
Michelle from Sydney’s northern beaches told EFTM the data we read out from the file, including her Address, Date of Birth and Drivers Licence Number were accurate.
Another user Wayne told us he was no longer an Optus Customer but had previously owned an Optus pre-paid data hotspot.
Within the file containing 11.2 million users, “optusdata” claims 4.2 million have an ID number of some sort, 3.6 million are drivers licences.
They also claim 4.3 million have an active Optus subscription, and 6.5 million of the 11.2 million users were mobile subscription.
In the second file containing 10 million lines of information there was also 3.2 million containing a drivers licence.
“Optusdata” says “Optus if you are reading! price for us to not sale data is 1.000.000$US! We give you 1 week to decide.“
After that week, the user will look to sell the data, in bulk for $1m, or in smaller groups priced at up to $300 USD per user.
That’s the value of your personal information folks – up to $300.
EFTM contacted Optus for comment, they told us that as an AFP investigation was underway they were limited in what they can say, however they did re-iterate the warning that this attack is likely to trigger a number of claims and scams from criminals seeking to benefit financially, including through:
The advice remains to be vigilant with regard to any emails that seem to have your personal information as verification.
Trev is a Technology Commentator, Dad, Speaker and Rev Head.
He produces and hosts several popular podcasts, EFTM, Two Blokes Talking Tech, Two Blokes Talking Electric Cars, The Best Movies You’ve Never Seen, and the Private Feed. He is the resident tech expert for Triple M on radio across Australia, and is the resident Tech Expert on Channel 9’s Today Show and appears regularly on 9 News, A Current Affair and Sky News Early Edition.
Father of three, he is often found in his Man Cave.
Gaming lifestyle brand Razer has launched their new esports-focused Viper V4 Pro gaming mouse and…
Eddie Murphy plays an African Prince - and more, in this romantic comedy. A story…
If you thought LEGO had found all the iconic places, things and brands to partner…
Microsoft has had a rough couple of years with Xbox, but with a change of…
Alongside their gaming announcements, ASUS has also announced their new lifestyle range with a new…
The Nothing Phone (4a) series was announced last month, Trevor has just checked out the…