Optus, one of the largest service providers in Australia, disclosed a data breach. The intruders gained access to the personal information of both former and current customers.
The company is a subsidiary of Singtel with 10.5 million subscribers as of 2019.
“Following a cyberattack, Optus is investigating the possible unauthorised access of current and former customers’ information.” reads the data breach notification. “Upon discovering this, Optus immediately shut down the attack.”
The company notified the Australian Cyber Security Centre which is helping it to mitigate any risks to customers. Optus has also notified the Australian Federal Police, the Office of the Australian Information Commissioner and key regulators.
Information that may have been exposed includes names, dates of birth, phone numbers, email addresses, Octus added that for a subset of customers, addresses, ID document numbers such as driver’s licence or passport numbers may have been compromised. Payment details and account passwords have not been exposed in the attack.
Optus services, including mobile and home internet, are not affected, and attackers did not access to messages and voice calls.
The company did not disclose details of the security breach.