On Tuesday morning, the alleged hacker, known only as Optusdata, claimed there were “too many eyes” on them and they had made the decision not to sell or leak any more data.

The update came just hours after the person claimed to have exposed the data of 10,000 customers in a bid to pressure Optus into giving into their ransom demands.

The alleged hacker said they would release more details in 10,000 batches for four days unless Optus pay them $US1 million ($A1.5 million) in cryptocurrency.

The cyber criminal wanted the payment to be made in Monero, a decentralised cryptocurrency, making it hard to track down the identity of the recipient.

But a recent backflip and apology from the anonymous poster in an online hacking forum has resulted in relentless mocking from their peers.

One poster branded them an “amateur” and questioned their whole thought process when making their demands to the telco.

Stream more tech news live & on demand with Flash. 25+ news channels in 1 place. New to Flash? Try 1 month free. Offer ends 31 October, 2022 >

“So why don’t you just return the data in a file to Optus and delete what you have so they can match it to their customers?” they asked.

“BTW Monero Sux. Really for a million dollars, Could have got a job with Optus for knowing this breach and they probably would have legit paid you a million to plug the leak.

“No too smart aye! If your gonna data steal at least don’t be an amateur.”

Another person said threatening Optus and asking for a ransom was a “pretty stupid move to begin with”.

One user claimed that the alleged hacker’s work was not at a “professional level”, while another commented: “Play stupid games, win stupid prizes.”

One person joked: “Me when my mum tells me to give something back and apologise even though I’m not really sorry.”

Alleged hacker backtracks, apologises for ransom

In their latest message, the alleged hacker apologised to the Australians impacted by the data leak and said they couldn’t release more data even if they wanted to because they had “personally deleted data from drive”, which they claimed was the only copy.

They also offered their “deepest apology” to Optus, saying they “hope all goes well from this”.

“Optus if your (sic) reading we would have reported exploit if you had method to contact. No security mail, no bug bountys, no way too message,” the message read.

“Ransom not paid but we don’t care any more.”

The alleged hacker claimed it was a “mistake” to publish the data in the first place.

Cyber security researcher and writer Jeremy Kirk from ISMG Corp, who has been in contact with the alleged hacker, revealed more “bad news” for thousands of Australians on Tuesday morning.

“The Optus hacker has released 10,000 customer records and says a 10K batch will be released every day over the next four days if Optus doesn’t give into the extortion demand,” he wrote on Twitter.

The person claimed to have important data about 11.2 million Optus customers, including their names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses and ID document numbers such as driver’s licence or passport numbers.

They claimed that if their ransom demand was not met then they would begin to leak the sensitive information online.

An Optus spokesperson told news.com.au that the Australian Federal Police was aware of this thread.

“We are co-operating with them on their investigation to find the criminals who have conducted this attack,” the spokesperson said.

Worryingly, Mr Kirk also pointed out that the new data appeared to show that Medicare numbers may also have been exposed for some customers.

He said the word “Medicare” appeared 55 times across the new data set.

When news.com.au asked Optus to respond to claims of Medicare details being leaked in the hack, a spokesperson claimed they could not provide further details due to the AFP investigation.

“We are working with the AFP on their investigation of this attack. On their request, we’ve been asked not to discuss further details as it might compromise their ability to find the bad actor,” the spokesperson said.

More Coverage

Big offer to hacked Optus customers

Samantha Maiden, Catie McLeod and Ally Foster

‘Irony’ as Optus shares customers’ details

Ally Foster

When the first post from the alleged hacker appeared online, Mr Kirk said the sample dataset provided by the unknown person aligned with the breach and indicated they may indeed be the person behind the attack.

“I just ran 13 email addresses from the first batch of sample data from the alleged Optus leak through Haveibeenpwned (a website that shows if your email or phone number has been involved in a breach). Six come back as unique (not in another breach indexed in HIBP),” he said.

“Again, another strong sign that the Optus data is real.”