Optus Breach SMS Scam

The Australian Federal Police (AFP) has arrested a 19-year-old teen from Sydney for allegedly attempting to leverage the data leaked following the Optus data breach late last month to extort victims.

The suspect is said to have carried out a text message blackmail scam, demanding that the recipients transfer $2,000 to a bank account or risk getting their personal information misused for fraudulent activities.

The source of the data, the agency said, was a sample database of 10,200 records that was posted briefly on a cybercrime forum accessible on the clearnet by an actor named "optusdata," before taking it down.


Details of the scam were previously shared by 9News Australia reporter Chris O'Keefe on September 27, 2022.

The AFP further said it executed a search warrant at the home of the offender, leading to the seizure of a mobile phone used to send the text messages to about 93 Optus customers. "At this stage it appears none of the individuals who received the text message transferred money to the account," it noted.

The unnamed individual has been charged with using a telecommunication network with the intent to commit a serious offense and dealing with identification information. Both the charges are punishable by a maximum penalty of imprisonment for 10 and 7 years, respectively.

Fight AI with AI — Battling Cyber Threats with Next-Gen AI Tools

Ready to tackle new AI-driven cybersecurity challenges? Join our insightful webinar with Zscaler to address the growing threat of generative AI in cybersecurity.

Supercharge Your Skills

The arrest comes as Optus, earlier this week, confirmed that the breach impacted nearly 2.1 million of its current and former customers, exposing their license numbers and Medicare ID numbers.

The development also follows the launch of Operation Guardian by the law enforcement agency to identify the affected 10,200 individuals and monitor internet forums for threat actors attempting to exploit the released information for financial benefit.

Also set up in the aftermath of the breach is Operation Hurricane, which aims to unmask the threat actor responsible for the breach. To that end, the AFP said it's aggressively pursuing all lines of enquiry.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.