SYDNEY, Australia (AFP) — Australia’s government said Tuesday it was “incredibly concerned” over the reported release of customers’ personal data stolen from a telecoms company in one of the largest hacks in the country’s history.
Information on up to 9.8 million Australian customers of telecoms provider Optus — more than one-third of the country’s population — may have been compromised in the cyberattack, which was revealed last week.
An anonymous poster who claimed to be behind the data breach reportedly released the personal data of more than 10,000 people late on Monday.
In posts to a hacking forum seen by AFP, the purported cybercriminal threatened to release more customer records daily unless a US$1 million ransom was paid by Optus.
But on Tuesday morning, the poster appeared to perform a U-turn.
“Too many eyes. We will not sale data to anyone,” a post written in broken English on the forum read.
The poster claimed that the only copy of the information hacked from Optus had been deleted.
“Sorry too 10,200 Australian whos data was leaked,” the post read.
The Optus breach led to the theft of customers’ names, birth dates, phone numbers, addresses, driver’s license information and passport numbers, the company said.
The data released late Monday also reportedly included people’s Medicare health service numbers, according to cybersecurity journalist Jeremy Kirk, who said he had independently verified some earlier customer information released by the poster.