Optus data breach blamed on human error

New reports suggest that human error may be behind a massive data breach that affected telecom giant Optus.

Days after sensitive customer information was leaked, including passport and driver’s license numbers, an anonymous source within the company pointed the finger at IT programmers.

The “Chief Insider” told ABC that a mistake by a programmer may have opened the door for hackers.

“(It) is still being investigated; however, it appears that this hack like most of it is due to human error,” the source told ABC.

The source claimed that the programmers were trying to open the Optus customer identity database to other systems via what is known as an API.

While it was believed that the process would only grant access to the company’s authorized systems, outsiders may have been granted access via a test network.

“Ultimately, one of the networks that was hit was a test network that just so happened to have internet access,” the source reportedly said.

The Australian Federal Police launched an investigation after receiving a referral from Optus over the alleged “mass data breach”.

“AFP will work with Optus to obtain the critical information and evidence needed to conduct this complex criminal investigation,” a statement issued Friday said.

“AFP’s Specialized Cyber ​​Command will work closely with a number of agencies, including the Australian Signals Directorate.”

Optus CEO Kelly Beyer-Rosmarin apologized for the cyber intrusion in a conference call with reporters Friday, saying “it shouldn’t have happened.”

“I’m disappointed we couldn’t prevent it,” she said.

“It undermines all the great work we have been doing to be leaders in the industry, to be challenging, and to create new and great experiences for our customers. I am really sorry.”

Bayer-Rosmarin has acknowledged that a hack could have widespread consequences for both individual customers and small businesses.

In the “absolute worst scenario”, 9.8 million customers were affected, although Ms Bayer-Rosmarin cautioned that authorities were still investigating the breach and that the full impact was not yet known.

Unconfirmed screenshots from the dark web hacker forum show cybercriminals claiming to have access to 1 million phone numbers from Optus.

Bayer-Rosmarin urged customers to monitor suspicious contacts in the near future, fearing that bad actors who access the stolen data could use it to make fraudulent calls.

“What clients can do is just be vigilant,” she said.

“It’s really about increasing alertness, alerting you to any activity that seems suspicious or strange or out of the ordinary.

“If someone calls you and says they want to connect to your computer and tell them to give them your password or let them in, don’t let that happen.”

Customers affected by Optus will be contacted in the coming days.

Originally published as massive Optus customer data breach blamed on ‘human error’

Related Posts

Leave a Reply

Your email address will not be published.