Optus issues grovelling full-page ad

“We’re deeply sorry,” the message from the telco read.“We’re deeply sorry that a cyberattack has happened on our watch. We know this is devastating and that we’ll need to work hard to regain your trust. The attack was quickly shut down, and we are working closely with authorities to understand how this attack on your privacy occurred.“Our priority is preventing harm to customers. We are here to assist and support you through any personal concern that you may be feeling.“We know there’s a lot of information and misinformation out there, and we’ve heard your message that we need to communicate more clearly. That’s why we’ve not put together easily accessible materials for you to stay informed on the actions you can take at optus.com.au/support/cyberattack”Some 9.8 million current and former Optus customers potentially had their sensitive personal information, including names, addresses, phone numbers, emails, employment history, passport, drivers licence and Medicare number stolen in the hack.The major security blunder, first revealed by the telco last week, is the biggest data breach in Australian history.The alleged hacker, known only as Optusdata — a user on the anonymous BreachForums website — had originally demanded Optus pay them $US1 million ($1.5 million) in the Monero cryptocurrency as a ransom.Early in the week, the cyber criminal released the data of 10,000 customers in a bid to pressure Optus to give into their ransom demands — but within hours sensationally announced they were backing down and would not sell or leak any more data, claiming there were “too many eyes” on them.In the message, the alleged hacker apologised to the Australians impacted by the data leak and said they couldn’t release more data even if they wanted to because they had “personally deleted data from drive”, which they claimed was the only copy.They also offered their “deepest apology” to Optus, saying they “hope all goes well from this”.“Optus if your [sic] reading we would have reported exploit if you had method to contact. No security mail, no bug bountys, no way too message,” the message read.“Ransom not paid but we don’t care any more.”The alleged hacker claimed it was a “mistake” to publish the data in the first place.Optusdata has since vanished from the forum, after being mocked by their peers for the sudden backflip.On Friday, the Australian Federal Police announced it was launching Operation Guardian in partnership with state and territory authorities, the private sector and industry to protect Optus hack victims.“Customers affected by the breach will receive multi-jurisdictional and multi-layered protection from identity crime and financial fraud,” the AFP said in a statement.“The 10,000 individuals, who potentially had 100 points of identification released online, will be prioritised.”Authorities will monitor online forums, the internet and dark web for “other criminals trying to exploit the personal information released online”, and would engage with the financial service industry to detect criminal activity associated with the data breach.It will also analyse trends from ReportCyber to determine whether there are links between individuals who have been exploited, and to identify and disrupt cyber criminals.“Operation Guardian will use collective legislative powers, experience, investigative and intelligence capabilities of all Australian policing jurisdictions,” the statement said.Earlier in the week, Optus confirmed that the valid Medicare ID numbers of 14,900 Australians had been exposed, and that it would contact all of the affected customers would be contacted within 24 hours.In addition, Optus advised that a further 22,000 expired Medicare numbers had been accessed.“Please be assured that people cannot access your Medicare details with just your Medicare number,” Optus said in a statement on Wednesday night.“If you are concerned or have been affected, you can replace your Medicare card as advised by Services Australia.”The federal government is “furious” that Optus took five days to notify it about the breach of Medicare data after the cyberattack was revealed on September 22.“We were not notified that among passport details, drivers licence details and others that Medicare details had also been the subject of this breach,” Health Minister Mark Butler told ABC Radio.“So we’re very concerned obviously about the loss of this data, and we’re working very hard to deal with the consequences of that. We’re looking at [getting people new Medicare numbers]. We’ll have more to say about that as soon as we can, but we’re looking at that very closely.“Meanwhile, state governments have put in place processes for hack victims to obtain replacement drivers licences, and the federal government has confirmed replacement passports will also be offered.Optus is being forced to foot the bill.“Optus have responded to the request that I made both in the parliament and that Senator Wong made in writing to Optus … they will cover the costs of replacing affected customers’ passports,” Prime Minister Anthony Albanese confirmed on Friday.“I think that’s entirely appropriate. I find it extraordinary that the Federal Opposition called upon taxpayers to foot the bill.”What do if you think you’ve been hacked• Look out for any suspicious or unexpected activity across your online accounts, including your telco, bank and utilities accounts. Make sure to report any suspicious activity in your bank account immediately to your financial institution.• Do not click on any links in any email or SMS claiming to be from Optus.• If someone calls claiming to be from Optus, police, bank or another organisation and offers to help you with the data breach, consider hanging up and contacting the organisation on its official contact details. This can be a scammer calling using your personal information.• Never click on any links that look suspicious and never provide your passwords, your bank’s one time pins, or any personal or financial information.• If people call posing as a credible organisation and request access to your computer, always say no.— with Ally Foster and NCA NewsWire Via news.com.au — Australia’s leading news site https://www.news.com.au