The Times Australia
The Times World News

.
The Times Real Estate

.

The 'Optus hacker' claims they've deleted the data. Here's what experts want you to know

  • Written by Jennifer J. Williams, PhD Candidate, Macquarie University
The 'Optus hacker' claims they've deleted the data. Here's what experts want you to know

Shortly after Australian telecommunications company Optus announced the identity data of millions of customers had been stolen, a person claiming to be the hacker announced they would delete the data for US$1 million.

When Optus didn’t pay, the purported hacker published 10,000 stolen records and threatened to release ten thousand more every day until the ransom deadline. These leaked records contained identity information such as driver’s license, passport and Medicare numbers, as well as parliamentary and defense contact information[1].

A few hours after the data drop, the purported hacker unexpectedly apologised[2] and claimed to have deleted the data due to “too many eyes”, suggesting fear of being caught. Optus confirms they did not pay the ransom[3].

They’ve said they deleted the data – now what? Is it over?

Communication from the person claiming to be the hacker and the release of 10,200 records have all occurred on a website dedicated to buying and selling stolen data.

The data they released are now easily available and appear to be legitimate data stolen from Optus (their legitimacy has not been verified by Optus or the Australian Federal Police; the FBI in the United States has now been called in[4] to help the investigation).

The question then is – why would the hacker express remorse and claim to delete the data?

Unfortunately, while the purported hacker did appear to possess the legitimate data, there is no way to verify the deletion. We have to ask: what would the hacker gain from claiming to delete them?

It is likely a copy still remains, and it’s even possible the post is a ploy to convince victims not to worry about their security – to increase the likelihood of successful attacks using the data. There is also no guarantee the data were not already sold to a third party.

What next?

Whatever the motivations of the person claiming to be the hacker, their actions suggest we should continue to expect all records stolen from Optus do remain in malicious hands.

Despite the developments, recommendations still stand[5] – you should still be taking proactive action to protect yourself. These actions are good cyber hygiene practices no matter the circumstances.

Read more: What does the Optus data breach mean for you and how can you protect yourself? A step-by-step guide[6]

An extra measure offered recently is changing your driver’s license number[7], ordering a new passport[8] and Medicare card[9].

However it is unclear at this early stage whether free options to change these documents will be made to all data breach victims, or only a subset of victims.

Can I find out whether my data were part of the 10,200 leaked records?

Reports of people being contacted by scammers[10] suggest they are already being used.

Troy Hunt, the Australian cyber security professional who maintains HaveIBeenPwned[11] – a website you can use to check whether your data are part of a known breach – has announced he will not add the leaked data to the site[12] at this stage. So this method will not be available.

The best course of action in this case is to assume your data may have been released until Optus notifies people in the coming week[13].

Are the released data already being used?

The least technically sophisticated method of targeting Optus customers is to use the details to make direct contact and ask for a ransom. There are reports blackmailers are already targeting breach victims[14] via text message, claiming to have the data and threatening to post it on the dark web unless the victim pays.

The data have already leaked and claims about deleting the data are untrue. Paying anyone who makes these claims will not increase the security of your information.

Data recovery scams – where scammers target victims offering help to remove their data from the dark web or recover any money lost for a fee – have also become prominent[15]. Instead of helping, they steal money or obtain more information from the victim. Anyone who claims to be able to scrub the data from the dark web is claiming to put toothpaste back in the tube. It isn’t possible.

The data could also be used to identify family members to make the “Hi Mum[16]” or family impersonation scam more convincing. This involves scammers posing as a family member or friend from a new phone number, often using WhatsApp, in need of urgent financial help. Anyone receiving this kind of text message should make every effort to contact their family member or friend by other means.

What else can my data be used for?

The scams involved with these data will only grow in the coming days and weeks and may not be confined to the digital world.

Other possible uses involve activities like attempting to take over valuable online accounts or your SIM card, or setting up new financial services and SIM cards in your name. The advice we provided in our previous article[17] applies to these.

Additionally, anyone with reason to be concerned about physical safety if their location is known (for example domestic abuse survivors) should consider the possibility that their names, telephone numbers and address may have leaked or may in the future.

If you have been the victim of fraud or identity theft as a result of this breach or any others, you can contact IDCare[18] for additional aid and Cyber Report[19] to report the crime.

References

  1. ^ parliamentary and defense contact information (www.theguardian.com)
  2. ^ unexpectedly apologised (www.abc.net.au)
  3. ^ did not pay the ransom (www.theguardian.com)
  4. ^ has now been called in (www.afr.com)
  5. ^ recommendations still stand (theconversation.com)
  6. ^ What does the Optus data breach mean for you and how can you protect yourself? A step-by-step guide (theconversation.com)
  7. ^ changing your driver’s license number (www.theguardian.com)
  8. ^ ordering a new passport (www.passports.gov.au)
  9. ^ Medicare card (www.servicesaustralia.gov.au)
  10. ^ people being contacted by scammers (eftm.com)
  11. ^ HaveIBeenPwned (haveibeenpwned.com)
  12. ^ not add the leaked data to the site (twitter.com)
  13. ^ Optus notifies people in the coming week (www.linkedin.com)
  14. ^ already targeting breach victims (www.theguardian.com)
  15. ^ have also become prominent (7news.com.au)
  16. ^ Hi Mum (www.accc.gov.au)
  17. ^ our previous article (theconversation.com)
  18. ^ IDCare (www.idcare.org)
  19. ^ Cyber Report (www.cyber.gov.au)

Read more https://theconversation.com/the-optus-hacker-claims-theyve-deleted-the-data-heres-what-experts-want-you-to-know-191494

The Times Features

How to Protect Your Garden Trees from Wind Damage in Australia

In Australia's expansive landscape, garden trees hold noteworthy significance. They not only enhance the aesthetic appeal of our homes but also play an integral role in the local...

Brisbane Homeowners Warned: Non-Compliant Flexible Hoses Pose High Flood Risk

As a homeowner in Brisbane, when you think of the potential for flood damage to your home, you probably think of weather events. But you should know that there may be a tickin...

Argan Oil-Infused Moroccanoil Shampoo: Nourish and Revitalize Your Hair

Are you ready to transform your hair from dull and lifeless to vibrant and full of life? Look no further than the luxurious embrace of Argan Oil-Infused Moroccanoil Shampoo! In a...

Building A Strong Foundation For Any Structure

Building a home or commercial building can be very exciting. The possibilities are endless and the future is interesting. You can always change aspects of the building to meet the ...

The Role of a Family Dentist: Why Every Household Needs One

source A family dentist isn’t like your regular dentist who may specialise in a particular age group and whom you visit only when something goes wrong. A family dentist takes proa...

Benefits of Getting an Online Medical Certificate

Everyone has experienced it. Rather than taking a break, you drag yourself to the doctor's office, where you have to wait in lengthy lines, and then you have to hurry to get that...

Times Magazine

"Eternal Nurture" by Cara Barilla: A Timeless Collection of Wisdom and Healing

Renowned Sydney-born author and educator Cara Barilla has released her latest book, Eternal Nurture, a profound collection of inspirational quotes designed to support mindfulness, emotional healing, and personal growth. With a deep commitment to ...

How AI-Driven SEO Enhancements Can Improve Headless CMS Content Visibility

Whereas SEO (search engine optimization) is critical in the digital landscape for making connections to content, much of it is still done manually keyword research, metatags, final tweaks at publication requiring a human element that takes extensiv...

Crypto Expert John Fenga Reveals How Blockchain is Revolutionising Charity

One of the most persistent challenges in the charity sector is trust. Donors often wonder whether their contributions are being used effectively or if overhead costs consume a significant portion. Traditional fundraising methods can be opaque, with...

Navigating Parenting Arrangements in Australia: A Legal Guide for Parents

Understanding Parenting Arrangements in Australia. Child custody disputes are often one of the most emotionally charged aspects of separation or divorce. Parents naturally want what is best for their children, but the legal process of determining ...

Blocky Adventures: A Minecraft Movie Celebration for Your Wrist

The Minecraft movie is almost here—and it’s time to get excited! With the film set to hit theaters on April 4, 2025, fans have a brand-new reason to celebrate. To honor the upcoming blockbuster, watchfaces.co has released a special Minecraft-inspir...

The Ultimate Guide to Apple Watch Faces & Trending Wallpapers

In today’s digital world, personalization is everything. Your smartwatch isn’t just a timepiece—it’s an extension of your style. Thanks to innovative third-party developers, customizing your Apple Watch has reached new heights with stunning designs...

LayBy Shopping