CyberSec Roundup
A synopsis of the Latest Cybersecurity News

Worst Cyber-Attack in Australian History

The Australian telecommunications company Optus suffered a major cyber attack that exposed customer information for at least 10 million customers. A $1 million ransom was demanded from the threat actor “Optusdata” after they posted a sample of the stolen data. But in a strange turn of events, he quickly rescinded the demand, claimed to have deleted all the stolen data, and apologized for the hack.

Stronger Regulations Needed

To make matters worse, 3 million of these people also had their identity document information stolen, such as passports, Medicare and license numbers. This prompted an Australian government official to advise these affected customers to cancel their passports and licenses. Former Optus customers were surprised to be caught up in the attack as the company held onto their information for 6 years when it seems the company was only required to retain it for 2 years. Government officials said Australia needs laws to better manage these types of major cyber security incidents, along with stronger fines for offending companies.

Morgan Stanley Negligent with Customer Data

Federal regulators fined Morgan Stanley $35 million for improper disposal of devices and hard drives which contained sensitive customer data. Since 2015, the company did not properly destroy the devices themselves nor did they hire a firm with expertise in the area to dispose of them. This led to improper exposure for an estimated 15 million customers as some devices were later being resold at auctions with company data still on them.

By: David Pinder
IT & Cybersecurity Consultant
Certified Ethical Hacker (Master)