Dive Brief:
- The threat actor behind last week’s cyberattack against Optus reportedly rescinded their $1 million ransom demand and claims to have deleted the data stolen from Australia’s second-largest wireless provider, the Guardian reported.
- The alleged cybercriminal leaked records on 10,000 individuals and threatened to release more before backing off of the ransom demand. One in 10 organizations hit by ransomware in 2021 paid at least $1 million in ransoms, according to Sophos.
- The attack on Optus was an “unprecedented theft of consumer information in Australian history,” Clare O’Neil, minister for home affairs and cyber security in the Australian federal government, said in an interview with the Australian Broadcasting Company.
Dive Insight:
Australian government officials contested claims from Optus executives that the cyberattack was carried out by a sophisticated threat actor.
O’Neil described it as “quite a basic hack,” adding that nearly half of all Australian adults had personal data compromised by the attack.
“We should not have a telecommunications provider which has effectively left the window open for data of this nature to be stolen,” O’Neil said.
Of the nearly 10 million individuals whose personal data was compromised by the attack, 2.8 million people have had extensive personal data stolen, according to federal authorities.
“What this effectively amounts to is 100 points of ID check and so the scope for the identity theft and fraud is quite significant in particular for those 2.8 million Australians,” O’Neil said.
The Australian Federal Police said it’s working with Optus and authorities in the United Kingdom, the U.S., Europe, and Africa to identify the culprits and protect Australians from identity fraud resulting from the attack.