What data was taken?
Optus says the stolen data includes names, email addresses, postal addresses, phone numbers, dates of birth, and for a portion of the affected customers, identification numbers including passport numbers, driver’s licence numbers and Medicare numbers.
The dump of records released by the forum user contained all this information.
How common is this method of attack?
“Unfortunately, it can be pretty common,” Josh Lemon, a digital forensics and cyber incident expert at SANS Institute, said. But he said attackers tended to not target a single organisation. They usually scan across the internet looking for known vulnerabilities and exploiting those vulnerabilities all at once, he said.
“So for a threat actor to specifically just go after [one company] is a little bit unique in that sense.”