A new cyberattack has hit the headlines around the world as the private details of more than 10,000 Optus customers have been made public following a significant data breach that impacted millions of Australian customers last week.
Optus is an Australian telecoms company and the country’s second-biggest wireless service provider, with over 10 million customers. As well as operating its own brand, it holds several subsidiaries that offer services to private customers, end users, and third-party service providers. Services offered include wireless and broadband internet, mobile phone connections and internet, and satellite communications services.
On Thursday, 22 September, the company publicly declared that some 10 million people’s data, almost all of their client base, had been accessed via a cyberattack. The data breach includes names, dates of birth, ID documents, driving license numbers, and addresses. The hackers behind the breach then published some 10,000 private records online and demanded a massive ransom of more than AUD 1.5 million. They said that if the ransom were not paid, they would continue releasing tranches of data to the public.
But within a few hours, the hackers appeared to back down and retract their demand. A message published online said “sorry” to those whose data was leaked and promised not to post any more, saying it was a mistake. They also claimed to have deleted the only copy of the data.
While no more data has been released, it is not known if the rollback of threats is legitimate or what could have triggered such a change of heart. Furthermore, while millions of people’s private information may be safe for now, the 10,000 who were violated remain at risk.
Why companies must protect customers
Fraud has been on the up since 2018. The number of cyber-attacks increased by around 42% from the previous year, marking a significant intensification and causing concern for companies. As the world of business and even our societies become even more digitalized, the threat of attacks grows as more and more people put their private and sensitive data online. This means companies must take steps to protect their clients and systems from unauthorized access.
For example, where attackers exploit vulnerabilities, companies must use all available tools to help them and their teams remain aware. This means using data analytics tools like Tableau and AI to monitor all activity and to note suspicious behavior, such as logins from unusual IPs or those that have been blacklisted. It can also include digital tools to monitor databases and networks for unexpected or suspicious access, along with downloads of data or modifications.
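One way to implement the checks described above, as an added example that is not from the original article: it scans constructed access events and flags logins from blocklisted or previously unseen networks, plus unusually large data exports. The log format, the blocklist range and the export threshold are all assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample events: timestamp, user, source IP, action, records returned
SAMPLE_LOG = """\
2022-09-20T09:01:12Z alice 198.51.100.10 login 0
2022-09-20T09:05:40Z alice 198.51.100.10 query 12
2022-09-21T08:58:03Z alice 198.51.100.77 login 0
2022-09-21T23:14:55Z alice 203.0.113.45 login 0
2022-09-21T23:16:02Z alice 203.0.113.45 export 48000
2022-09-22T10:30:00Z bob 192.0.2.200 login 0
"""

BLOCKLIST = [ipaddress.ip_network("192.0.2.0/24")]  # assumed deny-list feed
EXPORT_LIMIT = 5000  # assumed ceiling on records exported per user per day


def detect(log_text, blocklist=BLOCKLIST, export_limit=EXPORT_LIMIT):
    """Return (timestamp, user, reason) alerts for the events in log_text."""
    baseline = defaultdict(set)   # user -> networks seen on accepted logins
    exported = defaultdict(int)   # (user, day) -> records exported so far
    alerts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip blank or truncated lines
        ts, user, ip_text, action, count_text = parts
        try:
            ip = ipaddress.ip_address(ip_text)
            count = int(count_text)
        except ValueError:
            alerts.append((ts, user, "malformed-event"))
            continue
        if action == "login":
            # Compare by network so address churn inside one range is tolerated
            prefix = 24 if ip.version == 4 else 48
            net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
            if any(ip in blocked for blocked in blocklist):
                alerts.append((ts, user, "blocklisted-ip"))
            elif baseline[user] and net not in baseline[user]:
                alerts.append((ts, user, "unusual-ip"))
            else:
                baseline[user].add(net)  # learn only from logins that raised no alert
        elif action == "export":
            key = (user, ts[:10])
            before = exported[key]
            exported[key] = before + count
            if before <= export_limit < exported[key]:
                alerts.append((ts, user, "bulk-export"))  # alert once per user per day
    return alerts
```
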
But it is not just hacking that causes a problem. Transaction fraud costs companies billions annually and can be notoriously difficult to combat. As the number of online payments increases, it becomes harder for companies to avoid issues like fraudulent chargebacks, the use of stolen data, or the creation of accounts with fake details. Ways of fighting back include enriching customer data, leveraging the power of social media for lookups, using fraud scores, and enlisting help from machine learning to analyze data, enabling it to identify suspicious activity when it occurs.
Other notable cases
On 15 July 2022, the Albanian government was targeted by a cyberattack that brought all of its websites offline, as well as the e-Albania portal that provides all government services to citizens and residents of the European country. The attack was unlike anything they had seen before, and local IT experts struggled to retain control of vital government systems.
They drafted in experts from NATO, the EU, and the White House, including the FBI, to help them mitigate the damage. After several days, most systems were brought back online, but many IT infrastructures still grappled with issues with speed and correct functioning. Then, in September, they came under siege again, but this time it was the border and immigration systems that were hit. Anyone wanting to leave or enter the country and all customs functions suffered in an attack that lasted several days.
Again, experts were able to bring systems back online within hours, but weeks later, issues still persist. Not only were government systems attacked, but the hackers also set up a Telegram channel where they published large swathes of sensitive information. These included the movements of senior officials and police, sensitive communications between politicians and diplomats, information from the intelligence authorities on investigations and sensitive geopolitical matters, and other data on wanted criminals.
The attack sent shockwaves through Albanian society, which was still reeling from the publication of voters’ personal data, including name, date of birth, phone number, employer, salary, car registration, and even potential voting preference, in a series of leaks before the general elections. The White House, the Albanian government, and Microsoft, who were involved in assisting, pointed the finger at a third country for the hacks, leading to the severing of all diplomatic ties.
Also in September, ridesharing platform Uber discovered it had been hacked after one of the cybercriminals announced it on the company’s Slack channel. The criminal also said they had accessed databases and essential data, but it seems to have been limited to just one employee’s account. Uber made the hack public despite fears of repeating the past when it failed to report a previous attack, resulting in a lengthy court battle and a financial penalty.
In August, the media server app Plex was compromised, and customers’ personal data, including passwords, email addresses, and usernames, was violated. The company assured its millions of users that the situation had been addressed and secured. However, it still urged them to change