Optus customers whose passport or driver’s license numbers have been stolen in a massive data breach are being contacted amid warnings scammers will try to cash in on the cyberattack.
The telecom company is contacting customers about the breach and prioritizing those whose identification documents may have been compromised.
WATCH THE VIDEO ABOVE: Optus Suffers a Serious Data Breach
Watch the latest news on Channel 7 or stream for free on 7plus >>
Those customers will be notified by Saturday, while those not affected should be contacted last on the list.
Optus also warned that its text messages or emails to customers do not include internet links. So if someone sees a link, it could be set up for a scam. “Please do not click any links,” Optus said in a statement Saturday.
The Australian Federal Police are also investigating reports that stolen customer details and identification numbers could be up for sale via a number of forums, including the dark web.
A post on a privacy breach forum claimed that two files containing customer information would be sold if Optus didn’t pay a $1 million (US$1.53 million) ransom within a week.
“The AFP uses specialized skills to monitor the dark web and other technologies and will not hesitate to take action against those who break the law,” a spokesman said.
Anyone who buys stolen ID cards faces up to 10 years in prison.
Optus also warned that its cyberattack announcement on Thursday could unleash a spate of scams by criminals, including phishing calls, emails and text messages.
“As the cyber attack is now under investigation by the Australian Federal Police, Optus is unable to comment on certain aspects of the incident,” it said.
“In light of the investigation, Optus will not comment on the legitimacy of any customer data it claims is held by third parties and urges all customers to exercise caution in their online transactions and dealings.”
No passwords or financial data were compromised in the attack, which Optus Vice President Andrew Sheridan described Friday as “very sophisticated.”
About 9.8 million customers were affected, but human error was not responsible for the breach, he said.
Optus, which began contacting millions of customers on Friday, has apologized for the breach.
The telecom company said spreading information through news channels is the “fastest and most effective way” to alert customers and communicate the seriousness of the situation.
https://7news.com.au/technology/optus/optus-issues-fresh-warning-as-15m-ransom-threat-is-investigated-do-not-click-c-8342465 Optus Issues New Alert as $1.5M Ransomware Under Investigation: ‘Don’t Click’