On Tuesday morning, the alleged hacker, known only as Optusdata, claimed there were “too many eyes” on them and they had made the decision not to sell or leak any more data.

The update comes just hours after the person claimed to have exposed the data of 10,000 customers in a bid to pressure Optus into giving into their ransom demands.

In the latest message, the person apologised to the Australians impacted by the data leak and said they couldn’t release more data even if they wanted to because they had “personally deleted data from drive”, which they claimed was the only copy.

The alleged hacker also offered their “deepest apology” to Optus, saying they “hope all goes well from this”.

“Optus if your (sic) reading we would have reported exploit if you had method to contact. No security mail, no bug bountys, no way too message,” the message read.

“Ransom not paid but we don't care any more.”

The alleged hacker claimed it was a “mistake” to publish the data in the first place.

Cyber security researcher and writer Jeremy Kirk from ISMG Corp, who has been in contact with the alleged hacker, revealed more “bad news” for thousands of Australians on Tuesday morning.

“The Optus hacker has released 10,000 customer records and says a 10K batch will be released every day over the next four days if Optus doesn’t give into the extortion demand,” he wrote on Twitter.

The move came just days after this same hacker posted a ransom on an online forum early on Saturday morning, demanding Optus pay $US1 million (A$1.5 million) in cryptocurrency.

The person claimed to have important data about 11.2 million Optus customers, including their names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses and ID document numbers such as driver’s licence or passport numbers.

They claimed that if the demand was not met then they would being to leak the sensitive information online.

An Optus spokesperson told news.com.au that the Australian Federal Police was aware of this thread.

“We are co-operating with them on their investigation to find the criminals who have conducted this attack,” the spokesperson said.

Mr Kirk shared a screenshot of a message allegedly written by the hacker, in which the person demanded Optus only contact them online.

“We are businessmen 1.000.000$US is a lot of money and will keep too (sic) our word,” the message read.

The cyber criminal wants the payment to be made in Monero, a decentralised cryptocurrency, making it hard to track down the identity of the recipient.

The alleged hacker claimed if Optus cared about their customers it would pay the ransom, noting that $US1m was a “small price to pay” compared to the revenue they make.

If the money is paid then the hacker claimed the customer data would be deleted from their hard drive.

“Only 1 copy exist. Will not sale (sic) data … completely gone,” the message read.

The telco company has been given four days to decide whether to pay the ransom.

Stream more tech news live & on demand with Flash. 25+ news channels in 1 place. New to Flash? Try 1 month free. Offer ends 31 October, 2022 >

Worryingly, Mr Kirk also pointed out that the new data appeared to show that Medicare numbers may also have been exposed for some customers.

He said the word “Medicare” appeared 55 times across the new data set.

When the first post from the alleged hacker appeared online, Mr Kirk said the sample dataset provided by the unknown person aligned with the breach and indicated they may indeed be the person behind the attack.

“I just ran 13 email addresses from the first batch of sample data from the alleged Optus leak through Haveibeenpwned [a website that shows if your email or phone number has been involved in a breach]. Six come back as unique (not in another breach indexed in HIBP),” he said.

“Again, another strong sign that the Optus data is real.”

Mr Kirk also said he contacted the hacker and they gave him a detailed explanation on how they completed the hack, which also convinced him the person was “the real deal”.

Expert reveals motive behind Optus attack

Speaking to Nine’s Today show on Tuesday morning, cyber security threat analyst, Brett Callow, said the motive for the breach was “money, plain and simple”.

“They are looking to score a big payday,” he said.

Mr Callow threw doubts on the claims from Optus that this had been a “sophisticated” cyber attack.

“It would sound like something potentially a high school kid could’ve pulled off,” he said.

Mr Callow said these kind of attacks have increasingly become a bigger issue in recent years.

“People are weaponising companies’ customers. They are stealing their data, in some cases, they are actually contacting the people to which the data relates,” he explained.

“That happens very often in an attempt to get those people to pressure the companies into paying.”

Previously, Optus CEO Kelly Bayer Rosmarin said reports of 9.8 million records being compromised is the “absolute worst case scenario”.

She described the situation as a “sophisticated attack” and said Optus acted immediately to stop any further action after learning of the attack, and authorities had been called in to assist in investigating the source.

More Coverage

Aussies rage at three words in Optus email

Ally Foster

Concerning detail buried in Optus leak

Ally Foster

“We are very sorry and understand customers will be concerned,” she said.

“Please be assured that we are working hard, and engaging with all the relevant authorities and organisations, to help safeguard our customers as much as possible.

“Optus has also notified key financial institutions about this matter. While we are not aware of customers having suffered any harm, we encourage customers to have heightened awareness across their accounts, including looking out for unusual or fraudulent activity and any notifications which seem odd or suspicious.”