The group behind the massive Optus data breach has reportedly dropped its ransom demand and claims to have deleted the 11 million customers’ records it scraped from the telco’s website.It comes after an alleged attempt to force Optus to pay US$1 million ($1.54 million) by Friday after the group released a batch of 10,000 Australian customers’ sensitive details on a data breach forum on the clear web.
The illegally obtained information includes passport and driver’s licence numbers, dates of birth and home addresses, according to cyber security researcher and writer Jeremy Kirk from ISMG Corp.
Mr Dreyfus said the commissioner wasn’t notified by Optus of the breach involving almost 10 million customers, until late Friday, the day after it was first reported.”Optus has a responsibility for the privacy of both current and former customers,” he said.An ongoing privacy review will be completed this year.
Read also