T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation determined that someone abused its systems to harvest subscriber data tied to approximately 37 million current customer accounts.

In a filing today with the U.S. Securities and Exchange Commission, T-Mobile said a “bad actor” abused an application programming interface (API) to hoover up data on roughly 37 million current postpaid and prepaid customer accounts. The data stolen included customer name, billing address, email, phone number, date of birth, T-Mobile account number, as well as information on the number of customer lines and plan features.

APIs are essentially instructions that allow applications to access data and interact with web databases. But left improperly secured, these APIs can be leveraged by malicious actors to mass-harvest information stored in those databases. In October, mobile provider Optus disclosed that hackers abused a poorly secured API to steal data on 10 million customers in Australia.

The company said it first learned of the incident on Jan. 5, 2022, and that an investigation determined the bad actor started abusing the API beginning around Nov. 25, 2022.

T-Mobile says it is in the process of notifying affected customers, and that no customer payment card data, passwords, Social Security numbers, driver’s license or other government ID numbers were exposed.

In August 2021, T-Mobile acknowledged that hackers made off with the names, dates of birth, Social Security numbers and driver’s license/ID information on more than 40 million current, former or prospective customers who applied for credit with the company. That breach came to light after a hacker began selling the records on a cybercrime forum.

Last year, T-Mobile agreed to pay $500 million to settle all class action lawsuits stemming from the 2021 breach. The company pledged to spend $150 million of that money toward beefing up its own cybersecurity.

In its filing with the SEC, T-Mobile suggested it was going to take years to fully realize the benefits of those cybersecurity improvements, even as it claimed that protecting customer data remains a top priority.

“As we have previously disclosed, in 2021, we commenced a substantial multi-year investment working with leading external cybersecurity experts to enhance our cybersecurity capabilities and transform our approach to cybersecurity,” the filing reads. “We have made substantial progress to date, and protecting our customers’ data remains a top priority.”

Despite this being the second major customer data spill in as many years, T-Mobile told the SEC the company does not expect this latest breach to have a material impact on its operations.

While that may seem like a daring thing to say in a data breach disclosure affecting a significant portion of your active customer base, consider that T-Mobile reported revenues of nearly $20 billion in the third quarter of 2022 alone. In that context, a few hundred million dollars every couple of years to make the class action lawyers go away is a drop in the bucket.

The settlement related to the 2021 breach says T-Mobile will make $350 million available to customers who file a claim. But here’s the catch: If you were affected by that 2021 breach and you haven’t filed a claim yet, please know that you have only three more days to do that.

If you were a T-Mobile customer affected by the 2021 incident, it is likely that T-Mobile has already made several efforts to notify you of your eligibility to file a claim, which includes a payout of at least $25, with the possibility of more for those who can document direct costs associated with the breach. OpenClassActions.com says the filing deadline is Jan. 23, 2023.

“If you opt for a cash payment you will receive an estimated $25.00,” the site explains. “If you reside in California, you will receive an estimated $100.00. Out of pocket losses can be reimbursed for up to $25,000.00. The amount that you claim from T-Mobile will be determined by the class action administrator based on how many people file a legitimate and timely claim form.”

There are currently no signs that hackers are selling this latest data haul from T-Mobile, but if the past is any teacher much of it will wind up posted online soon. It is a safe bet that scammers will use some of this information to target T-Mobile users with phishing messages, account takeovers and harassment.

T-Mobile customers should fully expect to see phishers taking advantage of public concern over the breach to impersonate the company — and possibly even send messages that include the recipient’s compromised account details to make the communications look more legitimate.

Data stolen and exposed in this breach may also be used for identity theft. Credit monitoring and ID theft protection services can help you recover from having your identity stolen, but most will do nothing to stop the ID theft from happening. If you want the maximum control over who should be able to view your credit or grant new lines of credit in your name, then a security freeze is your best option.

Regardless of which mobile provider you patronize, please consider removing your phone number from as many online accounts as you can. Many online services require you to provide a phone number upon registering an account, but in many cases that number can be removed from your profile afterwards.

Why do I suggest this? Many online services allow users to reset their passwords just by clicking a link sent via SMS, and this unfortunately widespread practice has turned mobile phone numbers into de facto identity documents. Which means losing control over your phone number thanks to an unauthorized SIM swap or mobile number port-out, divorce, job termination or financial crisis can be devastating.

Within just 3 weeks of confirming the Optus cyber attack, Singapore Telecommunication LTD, aka SingTel, has confirmed another data breach. It has issued a press update saying its Australian company Dialog Pty faced a digital attack last week that leaked details of only 20 clients. However, the issue seems to be serious, as all the customers impacted in the leak were hit by a sophisticated attack that divulged a lot of personal info about them. The attack seems to be larger than what is being reported.

In September 2022, Optus released a press statement saying that data of its 10 million clients had been accessed by hackers, but confirmed that there was no proof that the stolen details had been misused so far.

The Australian Prime Minister declared a digital emergency as soon as the attack was exposed and urged all firms operating critical infrastructure to bolster their IT infrastructure against cyber attacks.

Now the latest victim seems to be a subsidiary of Singtel named ‘Dialog’, and sensitive details were also accessed in that hack.

Ironically, the company also became a victim of digital disruption in January 2021 when hackers exploited its management systems through an Accellion FTA vulnerability. However, an investigation conducted later confirmed that there was no personal data access or leak in the attack and the situation was under control.

After reviewing the current situation, the telecom company has appointed a team of experts dedicated to protecting the network 24×7 from attacks such as those funded by the state.

 

The post SingTel confirms another data breach after Optus Cyber Attack appeared first on Cybersecurity Insiders.

Australian Prime Minister Anthony Albanese has asked all banks operating on the continent to step up their cybersecurity measures as soon as possible. Mr. Albanese has also asked government officials to scrutinize the measures taken by banks operating in the nation and to ask those that are below the mark to bolster security.

The PM made the decision after Optus, the Australian telecom operator, revealed that it had fallen victim to a sophisticated cyber attack that resulted in the private information of over 10 million customers being accessed by hackers.

Optus, a subsidiary of Singapore Telecom LTD, said that PII belonging to about 40% of the population, such as driving licenses, passport numbers and home addresses, was stolen by hackers, who are now threatening to release the data if their demand for $1 million is not met on time.

Albanese called the incident a ‘wake-up call’ for the entire corporate sector and is urging banks and those operating national infrastructure to step up their security.

The Australian government might impose a hefty penalty on the telecommunication firm for its lapse in protecting its customers’ information, a move similar to those seen in Europe under the GDPR laws of 2018.

The mobile firm has announced that it is offering free credit monitoring and identity protection from Equifax Inc Credit Agency, and said that no account passwords or payment card info were leaked in the attack.

NOTE: Australia announced in the budget session of 2020 that it would pledge a $1.1 billion investment over a decade to bolster the internet network infrastructure of public and private companies serving the public. It is now looking to speed up the process and complete it by the year 2025.

 

The post Australia to treat Optus data breach as a privacy wakeup call appeared first on Cybersecurity Insiders.

Optus, aka Singtel Optus PVT Limited, has apparently suffered a cyber attack resulting in the leak of customers’ personal information, including names, dates of birth, phone details, and email addresses. Unconfirmed sources say that the attack goes deeper than what is being reported, as some customers even had their passport and driving license details leaked to the hackers.

The Australian telecommunication firm is currently silent on the issue, but has assured that it will release a press statement after a preliminary inquiry into the attack is completed.

The Australian Federal Police and the Australian Cyber Security Centre are working closely to identify those behind the incident, and a foreign nation’s involvement is suspected.

Currently, there is no info on the stolen data being misused on the internet or anywhere else, and news is out that passwords and payment card details weren’t compromised or accessed by the threat actors in the attack.

For the past few months, Australia has been experiencing cyber attacks on its national infrastructure, and the nation has blamed Russia for the digital assaults. It suspects the Kremlin is behind the attacks, as the ex-Prime Minister felt that Australian support for Ukraine is pinching Moscow to the extent that it has started retaliating with cyber warfare.

As for the war between Russia and Ukraine, it seems the former has lost all patience and is interested in taking down its foe with nuclear warfare. It has also issued a warning to the West that its support for the Zelenskyy-led nation would cost it severely and cause the loss of innocent lives.

 

The post Optus Australia suffers serious data breach after Cyber Attack appeared first on Cybersecurity Insiders.