A significant attack of the second-largest provider in Australia may have exposed sensitive information on over 10 million of its customers, the company said on Friday. A “sophisticated” adversary, according to Optus CEO Kelly Bayer Rosmarin, was responsible for a breach that gave hackers access to data on as many as 9.8 million people.
Customers’ names, birth dates, phone numbers, and email addresses, as well as some license and passport numbers, were among the information that was accessed.
The Singapore-owned company claims that no bank account information or passwords were stolen. Although it is still unclear if the attack was carried out by a state-based organization or a criminal gang, Bayer Rosmarin claimed that no ransom demand had been made.
She added that police and the Australian government were looking into the matter and that it was too early to rule out any possibilities. The identity of the attackers and their intended use of the material are yet unknown.
Nearly half of all Australians who could have been affected were alerted by the Australian Competition and Consumer Commission that they might be at danger of identity theft.