This isn’t your typical T-Mobile data breach
It’s a pretty sad fact, but it’s a fact nonetheless that data breaches are quite common these days. Mobile carriers, who hold a lot of personal and identifiable information, are common targets and T-Mobile has been the one that has been hit time and time again. Affected customers are typically prompted to change their passwords and register for credit monitoring. But it looks like Australia is making more of a deal over a recent hacking attack on telecoms operator Optus.
Optus first reported the data breach on September 22, but the extent of the impact would only be revealed in the following days: 9.8 million customers, current and former, would be affected by the possible exposure of names, dates of birth, telephone numbers. , driver’s license numbers, health insurance numbers and even information from the Centrelink job search service. The company says it is working to notify customers affected by the theft of specific data points, to reach out to territorial, state and federal government agencies, and to offer credit monitoring to customers through Equifax. .
On Friday, the Australian Federal Police launched a comprehensive joint operation with state and territory police to protect more than 10,000 customers who had more than 100 data points exposed. A BreachForums user who claimed to have created the dataset, later withdrew an offer to sell (via ABC). Operation Guardian involves extensive monitoring of forums and other nodes on the Internet and dark web for any instances of hacked data and a targeted crime prevention effort.
But the federal government is unhappy with the amount of action Optus has taken. The ABC reports that the federal agency Services Australia made a request to Optus on September 27 for a full list of customers whose Medicare and Centrelink information had been revealed. Optus has yet to respond.
“It has been 11 days since the breach,” said Bill Shorten, Minister of Government Services. “It’s strange that we still can’t identify who, for example, used their health insurance information – their number – to be able to get identification.”
The Labor government is also seeking to strengthen laws on the commercial processing of data. Cybersecurity Minister Clara O’Neil said the laws put in place by the previous Liberal-National government were not enough to handle emergencies like this.