Thread Reader

Jeremy Kirk


Sep 23

8 tweets

Someone is claiming to have the stolen Optus account data for 11.2 million users. They want $1 million in the Monero cryptocurrency from Optus to not sell the data to other people. Otherwise, they say they will sell it in parcels. #optus #auspol #infosec #OptusHack

The person who runs this data market where the Optus data was posted says the data is real (I have not verified the data yet). The person writes that "optusdata" showed the script used to scrape the data and passed along info about the vulnerable endpoint. #infosec #OptusHack

I've run 10 email addresses from the second sample of the Optus data through @Have I Been Pwned. Nine have been in multiple data breaches before, but one is unique to this sample. That's a strong sign this leak is the real deal.

I just ran 13 email addresses from the first batch of sample data from the alleged Optus leak through @Have I Been Pwned. Six come back as unique (not in another breach indexed in HIBP). Again, another strong sign that the Optus data is real. #OptusHack #infosec #auspol @Troy Hunt

I queried Optus. Optus says: "We are investigating the legitimacy of this."

I've literally found someone down the road from me in the sample data. When I get out of my bathrobe and stop tweeting, I'll go down there and see if I can find the person to confirm her data.

I found the person in the data set. She was working in her front yard. She wants to stay unnamed but confirmed she is a former Optus customer and that her data is accurate. We still need a confirm from Optus on the data but this is all lining up. #OptusHack #auspol #infosec

I explained who I was and handed her a printout of her data (as an aside, kind of a weird experience - shoe leather journalism meets cyberspace). She said it was kind of scary. She hadn't been contacted by Optus yet. #OptusHack #auspol

Jeremy Kirk


Covering Aussie and global IT security. Editor @ISMGCorp. Story tips welcome. Creator of The @RansomwareFiles podcast:

Follow on Twitter

Missing some tweets in this thread? Or failed to load images or videos? You can try to .