Alleged Optus hacker deletes extortion threat and apologises after releasing more personal data

On Tuesday morning, the user Optusdata edited its original post about the data breach on a popular hacking forum to link to more user data.

“Since they not payed yet here is 10.0000 record from address file,” it wrote.

Optusdata also promised to release data from another 10,000 users for the next four days unless Optus pays US$1 million in the untraceable cryptocurrency Monero.

Not long afterwards, the account’s original post was deleted. It was replaced with a new post that claimed the stolen data had been deleted and apologising for the breach.

Too many eyes. We will not sale [sic] data to anyone. We cant if we even want to: personally deleted data from drive (Only copy). Sorry too 10.200 Australian whos data was leaked. Australia will see no gain in fraud, this can be monitored. Maybe for 10.200 Australian but rest of population no. Very sorry to you. Deepest apology to Optus for this. Hope all goes well from this.

Alleged Optus hacker Optusdata

The account also criticised Optus for failing to offer any way to report an exploit: “Optus if your [sic] reading we would have reported exploit if you had method to contact. No security mail, no bug bountys [sic], no way too [sic] message.”

Crikey has not been able to independently verify the data with any of the individuals purported to be in this data set. Over the weekend, Optus said it would not confirm or deny whether the data in the sample is real.

Security researcher Jeremy Kirk noticed that the released data contained what appeared to be Medicare numbers. Email addresses included suggest that a number of government employees, including members of the Department of Defence, are included in the breach.

Optus said the company has contacted individuals whose details were compromised because of the cyber attack. Yesterday it said it would pay for a year of credit monitoring and identity protection for all current and former customers included in the breach.