The firm revealed on Friday that sensitive information about some 10 million Australian telecom customers may have been compromised by a massive hack at the country’s second-largest provider.
Optus chief executive Kelly Baer Rosmarin said a “sophisticated” actor was behind the cyberattack, which obtained information about 9.8 million users.
The data accessed included customers’ names, dates of birth, phone numbers and email addresses, as well as some driving license and passport numbers.
According to the Singapore-owned firm, no passwords or bank details were taken.
It is not yet clear whether the attack was from a state-based or criminal organization, but Bayer Rosmarin said no ransom demands were made.
“It is too early to rule out any possibility,” he said, adding that police and the Australian government were investigating.
“We don’t yet know who these attackers are and what they want to do with this information.”
The Australian Competition and Consumer Commission warned potentially affected Australians – a number that corresponds to nearly half the country’s population – that they could be at risk of identity theft.
“Optus customers should take immediate steps to secure all of their accounts, especially their bank and financial accounts. You should monitor unusual activity on your accounts and keep an eye on contact by scammers,” the watchdog said.