Millions of Optus customers left exposed to hackers by a massive security breach are demanding their bills be waived as compensation.
Australia’s second-largest telco revealed that 2.8 million customers’ passport and driver’s licence numbers, email and home addresses, dates of birth and telephone numbers were stolen by hackers on Thursday.
Another seven million people’s dates of birth, email addresses and phone numbers were also leaked.
Optus customers are demanding their bills be waived after a massive cyber attack saw 10 million people’s information leaked
The massive breach is believed to be one of the biggest cyber attacks in Australian history, with criminals taking advantage of a weakness in Optus’s firewall.
The apparent weakness has left customers, past and present, exposed to criminal activity, with many concerned their very private information will be leaked on the dark web.
Now some customers are demanding Optus provide free services for an entire year to make up for the stress caused.
‘How many free years of service am I receiving for you allowing my personal information onto the darkweb?,’ one person wrote on Twitter.
Optus customers’ passport and drivers licence numbers, email and home addresses, dates of birth and telephone numbers were leaked in a massive hack on Thursday
‘Give us free (sports streaming) and waive the next bill ya dumb dogs,’ another said.
‘So my bill this month needs to be free,’ another wrote.
Optus chief executive Kelly Rosmarin said the company is working with the Australian Federal Police to investigate the attack.
‘We are devastated to discover that we have been subject to a cyberattack that has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it,’ Ms Rosmarin said in a statement.
People are demanding Optus provides free services and cuts bills after an apparent weakness in its firewall saw millions of customers’ information leaked (pictured, example Optus bill)
‘As soon as we knew, we took action to block the attack and began an immediate investigation. While not everyone may be affected and our investigation is not yet complete, we want all of our customers to be aware of what has happened as soon as possible so that they can increase their vigilance.
‘We are very sorry and understand customers will be concerned. Please be assured that we are working hard, and engaging with all the relevant authorities and organisations, to help safeguard our customers as much as possible.’
Ms Rosmarin said no payment information was leaked but urged customers to monitor their bank accounts and flag any suspicious activity.
Scamwatch said Optus customers should monitor their devices and financial accounts, change online passwords and enable multi-factor authentication, put limits on bank accounts and request a ban on their credit report if fraud is suspected.
Chief strategy officer at cyber-security firm CberCX Alastair MacGibbon said Optus customers need to stay on high alert.
‘Personal information has been stolen,’ he told the ABC.
‘A lot of personal information for several million people and slightly less information for about 6 million more.
‘They should be looking for whether criminals are mimicking them, or stealing their identity, or trying to obtain credit in their name.’
He said one way breached customers can protect themselves against financial fraud is by paying for their credit usage to be monitored.
‘That way you will be monitored by credit monitoring services if someone has been using your name and other details to obtain credit,’ Mr MacGibbon said.