Singapore Telecommunications Optus announced yesterday that it was investigating unauthorized access of customer data. The Australian unit of the telecoms firm allegedly suffered from a cyberattack that was halted before customer payment details and account passwords were stolen. However, roughly 9.7 million subscribers could have had other personally identifiable information exposed, such as home addresses, driver’s licenses, and passport numbers.
The telecommunications company confirmed that it is working with the Australian Cyber Security Centre to mitigate any risks that the breach poses to customers. Although the technical details of the attack have not been disclosed, security researchers believe that the breach may have been due to a vulnerability in a piece of security technology. Customers should be wary of follow-up attacks such as identity fraud and phishing attacks during which the attackers may leverage the previously stolen data.