The Australian Federal Police are investigating the cyber attack on Optus as the legitimacy of an alleged online ransom threat to sell millions of customer details is probed.
Optus said today the attack could trigger illegitimate offers to sell customer details online as a user on a data breach forum has claimed two files containing sensitive customer information will be sold if a $1.53 million ransom is not paid within a week.
The number of customers whose details were compromised in Thursday’s “sophisticated” hack was initially estimated at 9.8 million.
The threat, sighted by 9News, was posted to an online website where stolen information is sold and claims one file contains 11.2 million lines of information, while the other 10 million.
There’s no cross referencing of the data currently available to remove duplication, but it indicates the number of unique users impacted will be in excess of 11 million.
Over four million of them are reported to contain an identity document number, such as drivers licence or passport, and over four million appear to have active Optus subscriptions.
Optus did not comment directly on the alleged threat, which has said the data would be sold in one lot or in groups of users at a price of up to $300 each unless the USD$1 million payment was made in a cryptocurrency called Monero.
“Given the investigation, Optus will not comment on the legitimacy of customer data to be held by third parties and urges all customers to exercise caution in their online transactions and dealings,” a statement obtained by 9News read.
Customers have been advised Optus is not sending links in SMS or emails and has warned users not to open any link from someone claiming to be from the company.
It’s also been noted the attack will likely lead to an increase in phishing scams through email, phone calls and text messages as “criminals seek to benefit financially”.