In response to a $1 million ransom demand, a post on an internet forum claimed to have exposed 10,000 customer records from the recent data breach. Kelly Bayer Rosmarin, the CEO of Optus, stated that the federal police are “all over” the situation. Later, the comment was removed, with a claim that the author had deleted the data and would not sell it to anyone.
The alleged attacker threatened to reveal 10,000 documents daily if Optus did not pay the ransom
In a text file shared on Monday, the alleged attacker threatened to reveal 10,000 documents daily for the next four days if Optus did not pay the ransom. The initial post containing the links to the data was removed on Tuesday morning, and the suspected offender apologized for trying to sell the data.
“Too many eyes. We will not sell [sic] data to anyone. We can’t if we even want to: personally deleted data from drive (Only copy),” they said. “Sorry too [sic] 10,200 Australian whos[sic] data was leaked. “Australia will see no gain in fraud, this can be monitored. Maybe for 10,200 Australians but for the rest of the population no. Very sorry to you.”
What data does the file contain?
The file contains information/ data with people’s names, dates of birth, email addresses, phone numbers, postal addresses, and, in certain circumstances, license numbers, passport numbers, and Medicare card numbers, according to Guardian Australia.
The inclusion of Medicare numbers in the data “very concerns” the home affairs minister, Clare O’Neil, who made the statement on Tuesday. “Medicare numbers were never advised to form part of compromised information from the breach,” she said.
The dump contains about 20 emails from state and federal governments, including four from the Department of Defence and one from the Department of the Prime Minister and Cabinet.