Sydney teen charged after AFP makes arrest over Optus hack
A Sydney teenager has been charged over an alleged SMS scam linked to the Optus data breach that has seen millions of customers’ personal data exposed to hackers.
Hacking
Don't miss out on the headlines from Hacking. Followed categories will be added to My News.
A Sydney teenager has been charged over an “alleged SMS scam using information obtained from the Optus data breach”, the Australian Federal Police have confirmed.
AFP Assistant Commissioner Cyber Command Justine Gough told reporters a 19-year-old Rockdale man had been arrested, with a search warrant executed at a home in the southern Sydney suburb earlier on Thursday.
Police will allege the Rockdale man used data from 10,200 Optus customers and began “working his way through the list” demanding cash.
He allegedly texted 93 customers, demanding they pay $2000 into a bank account otherwise their details would be used for “other criminal purposes” according to Ms Gough.
None of the nearly 100 customers contacted paid the alleged scammer, but the AFP will allege he would have continued the operation if not apprehended by officers.
He is now facing 17 years imprisonment on two charges.
Around 9.8 million Australians had their data accessed in the major cyber attack, including addresses, passport numbers and drivers licence information.
Optus confirmed that there were 1.2 million customers who had at least one form of current and valid identification accessed by the hackers, while 900,000 had expired ID stolen.
The federal government and AFP are still investigating the source of the cyber attack and are yet to arrest the hackers.
Concern that those Australians affected would fall victim to scams is very high, with the federal government urging people to be on high alert for any suspicious messages or calls.
The news of the arrest comes as Treasurer Jim Chalmers announced that a string of new regulations will be implemented following the data leak to aim to detect and mitigate the risks of scams.
Under the changes, telcos like Optus would be able to share personal information with banks and government agencies to allow for enhanced monitoring of fraudulent transactions and likely scams
“The proposed amendments come after extensive consultation with the financial regulators and other financial institutions on how we can best protect consumers following that Optus data breach,” Mr Chalmers said.
“They need to satisfy robust security requirements and protocols for data transfer and storage, and they need to ensure that the information that they get is destroyed when it’s no longer required.
“It’s important that we note here that for data security reasons, we won’t be disclosing the details of any financial institutions that receive the data from Optus, and this is based on strong advice from the regulators,” he said.
NEW CHANGES AFTER OPTUS LEAK
A string of new regulations are expected to be implemented by the Federal government following the Optus data leak saga.
Treasurer Jim Chalmers made the announcement on Thursday, saying the changes would aim to detect and mitigate the risks of cyber security frauds, scams and other malicious cyber activities.
The changes will allow telcos to share customers’ personal information with the likes of banks and government agencies during any future cyber attacks.
“The proposed amendments come after extensive consultation with the financial regulators and other financial institutions on how we can best protect consumers following that Optus data breach,” Mr Chalmers said.
“They need to satisfy robust security requirements and protocols for data transfer and storage, and they need to ensure that the information that they get is destroyed when it’s no longer required.”
“It’s important that we note here that for data security reasons, we won’t be disclosing the details of any financial institutions that receive the data from Optus, and this is based on strong advice from the regulators,” he said.
Changes will allow drivers licences, Medicare and passport numbers to be temporarily shared with financial services to implement enhanced monitoring for Optus customers.
This will allow for increased fraud detection in the broader financial services sector through existing industry mechanisms to report fraudulent transactions.
However, the institutions must take several undertakings before they can receive any data and will have to destroy the information when it is no longer in use.
More than 10 million Australians are believed to be impacted by the hack.
More Coverage
Originally published as Sydney teen charged after AFP makes arrest over Optus hack
Aussies’ private information sold for profit
Australians’ private information is being shared hundreds of times a day with online advertisers who resell and distribute it to unknown parties, putting people at risk of targeted scams.
How movie piracy can cost Aussies thousands
Aussies who are pirating movies and TV shows are falling victim to scams. See the 10 most illegally downloaded shows and why you need to protect yourself.