The Australian Federal Police (AFP) have arrested a 19-year-old in Sydney for allegedly using leaked Optus customer data for extortion.
More specifically, the suspect used 10,200 records leaked last month by the Optus hackers and contacted victims over SMS to threaten that their data would be sold to other hackers unless they paid AUD 2,000 ($1,300) within two days.
The scammer used a Commonwealth Bank of Australia account to receive the ransom money. The AFP identified the account and obtained information about the holder from the bank.
“Assistant Commissioner Cyber Command Justine Gough said the man was not suspected of being the individual responsible for the Optus breach but allegedly tried to financially benefit from the stolen data that was dumped on an online forum” – Australian Federal Police
According to the AFP, the arrested young man allegedly sent blackmailing messages to 93 individuals whose personal information was exposed in the Optus data leak. None of them paid the ransom, though.
The suspect now faces charges for:
Using a telecommunication network with the intent to commit a serious offense (blackmail), contrary to section 474.14 (2) of the Criminal Code Act 1995 (Cth), punishable by up to 10 years of imprisonment
Dealing with identification information, contrary to section 192K of the Crimes Act 1900 (NSW), punishable by a maximum of 7 years in prison
The hackers behind the Optus breach have not been identified, but the AFP’s investigation is still underway as part of “Operation Hurricane.”
“The Hurricane investigation is a high priority for the AFP, and we are aggressively pursuing all lines of inquiry to identify those behind this attack,” stated Assistant Commissioner Gough.
Announcing the international operation was apparently enough to discourage the threat actors from continuing their extortion, even leading to them declaring that all data stolen from Optus had been deleted.
Two days ago, Optus published an update on the results of its ongoing internal investigation, confirming that 9.8 million customers were variably impacted, and 2.1 million of them had their government ID numbers compromised.
Many of these people will now need new IDs issued. The Australian government is demanding that Optus cover the costs of this process.