SYDNEY, (Reuters) – Optus, the Australian unit of telecoms firm Singapore Telecommunications (STEL.SI), said it was investigating the possible unauthorised access of home addresses, passport numbers and phone numbers of customers after a cyberattack.
Wireless carrier Optus said in a statement on Thursday it had immediately shut down the attack after discovering it, and that payment details and account passwords had not been compromised. It said it had notified Australian Federal Police, and that the investigation into whether current and former customers’ information were accessed was underway.
“Optus is working with the Australian Cyber Security Centre to mitigate any risks to customers,” Optus said in the statement on its website.
“We are devastated to discover that we have been subject to a cyberattack that has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it,” said Optus CEO Kelly Bayer Rosmarin. The Australian newspaper reported that up to 9 million customers may have been affected. Reuters could not verify the number and Optus did not immediately respond to a request for a comment.
“Optus has also notified key financial institutions about this matter. While we are not aware of customers having suffered any harm, we encourage customers to have heightened awareness across their accounts, including looking out for unusual or fraudulent activity and any notifications which seem odd or suspicious,” the Optus statement added.