The Optus data breach investigation involves not just the Australian Federal Police but also the American FBI, it has been revealed.
Attorney-General Mark Dreyfus made the comments during Question Time in Parliament today in response to a question from MP Peter Khalil.
Mr Dreyfus said the release involved Australian citizens' names, dates of birth, phone numbers, email addresses, residential addresses and, for some customers, passport numbers and driver's licence numbers being offered for sale on the dark web.
The hackers allegedly released 10,000 Optus customer records and threatened to release more unless a $1.5 million ransom is paid within the week, ACM understands.
The cyber attackers have threatened to release 10,000 new records each day until their demands are met.
"We were concerned this morning about reports that personal information from the Optus data breach apparently also includes Medicare numbers. Medicare numbers were never notified as forming part of the breach," Mr Dreyfus said.
"Australians expect that when they hand over their personal data, every effort will be made to keep it safe from harm. We know that millions of Australians have been impacted by the Optus data breach and it is a data breach which should never have happened."
He said the government was working to address the consequences of the breach.
"In particular, the Australian Federal Police is devoting huge effort with a large number of officers working on this. The Australian Federal Police is working with industry, working with state and territory police forces and also working with the FBI to address the consequences of this breach."
Scamwatch has warned Australians that scammers are trying to cash in on the breach.
It has warned consumers to be aware of a scam doing the rounds that claims they are eligible for financial compensation for identity theft.
Meanwhile, Home Affairs Minister Clare O'Neil has expressed her concern around the data breach.
"I am incredibly concerned this morning about reports that personal information from the Optus data breach, including Medicare numbers, are now being offered for free and for ransom," she said in a statement and on Twitter.
"Medicare numbers were never advised to form part of compromised information from the breach.
"Consumers have a right to know exactly what individual personal information has been compromised in Optus' communications to them. Reports today make this a priority."
Optus fell victim to a cyber attack on Thursday, with the private details of almost 10 million customers stolen.
The massive data breach saw information including dates of birth, passport and driver licence numbers and addresses taken from the telco giant.
Cybersecurity expert Nigel Phair told Sunrise on Tuesday the hardest part for customers will be understanding whether they have become a victim.
"Unless you are looking through the dark web and trying to find where this is, you won't know at all," he said.
"It'll be interesting to see what data they actually release. Some of it is more sensitive than others, dates of birth and addresses, things like Medicare numbers and passport numbers by themselves are less sensitive if it comes to identity."
It comes as Australian law firm Slater and Gordon explores the possibility of a class action against the telco.
The incident is under investigation by the Australian Federal Police; however, on Tuesday the AFP declined to confirm to ACM whether data was being released by hackers.
The AFP has launched Operation Hurricane to gather evidence and work with overseas law enforcement to identify the offenders behind this attack, it said in a statement.
The AFP will not divulge what information it has obtained in the first few days of Operation Hurricane, the statement said.
AFP Assistant Commissioner Cyber Command Justine Gough said the investigation will be extremely complex and very lengthy, but that the AFP specialised in investigations of this type.
"The AFP is monitoring the dark web using a range of specialist capabilities. Criminals, who use pseudonyms and anonymising technology, can't see us but I can tell you that we can see them," she said.
"A key focus, which we have had success in the past, is to identify those criminals."
Optus has now sent email or SMS messages to all customers whose ID document numbers, such as licence or passport number, were compromised because of the cyberattack, Optus said on Monday.
"We continue to reach out to customers who have had other details, such as their email address, illegally accessed," the company said in a statement.
The most-affected current and former customers will be offered a free 12-month subscription to Equifax Protect.
"Equifax Protect is a credit monitoring and identity protection service that can help reduce the risk of identity theft," Optus said in a statement.
These customers will be contacted by Optus in coming days.
"No communications from Optus relating to this incident will include any links as we recognise there are criminals who will be using this incident to conduct phishing scams," the telco said.
Optus said no passwords or financial details have been compromised.
Customers' names, dates of birth, phone numbers, email addresses, driver's licence numbers, passport numbers or addresses could have been accessed in the attack, Optus confirmed.
Scamwatch issued an immediate alert to Optus customers.
If you are or were an Optus customer who may have been affected and wish to register your interest in Slater and Gordon's investigation, or for further information, visit www.slatergordon.com.au/optus.