The Australian Federal Police (AFP) has arrested a 19-year-old
teen from Sydney for allegedly attempting to leverage the data
leaked following the Optus data breach late last month to extort
victims.
The suspect is said to have carried out a text message blackmail
scam, demanding that the recipients transfer $2,000 to a bank
account or risk getting their personal information misused for
fraudulent activities.
The source of the data, the agency said, was a sample database
of 10,200 records that was posted briefly on a cybercrime forum
accessible on the clearnet by an actor named “optusdata,” before
taking it down.
Details of the scam were previously shared[1]
by 9News Australia reporter Chris O’Keefe on September 27,
2022.
The AFP further said it executed a search warrant at the home of
the offender, leading to the seizure of a mobile phone used to send
the text messages to about 93 Optus customers. “At this stage it
appears none of the individuals who received the text message
transferred money to the account,” it noted[2].
The unnamed individual has been charged with using a
telecommunication network with the intent to commit a serious
offense and dealing with identification information. Both the
charges are punishable by a maximum penalty of imprisonment for 10
and 7 years, respectively.
The arrest comes as Optus, earlier this week, confirmed[3]
that the breach impacted nearly 2.1 million of its current and
former customers, exposing their license numbers and Medicare ID
numbers.
The development also follows the launch of Operation Guardian by
the law enforcement agency to identify the affected 10,200
individuals and monitor internet forums for threat actors
attempting to exploit the released information for financial
benefit.
Also set up in the aftermath of the breach is Operation
Hurricane, which aims to unmask the threat actor responsible for
the breach.
References
Read more https://thehackernews.com/2022/10/19-year-old-hacker-arrested-for-using.html