Hackers allegedly behind the Optus breach issued an apology and said the stolen data was deleted even though days ago the ransom demanded was $1m.
Threat actors who claimed responsibility for hacking Australia’s second-largest wireless carrier Optus abruptly decided the breach was a mistake, apologized, and declared that they had deleted the data.
“Deepest apology to Optus for this. Hope all goes well from this,” threat actors said in a post on a hacking community forum BreacedForums.
The announcement marks a sharp shift from the initial posture of the hackers who demanded Optus pay $1m in a week or the data of close to 10m Australians will be sold piece by piece.
To put money where their mouth is, threat actors even leaked 10k records and promised to leak another 10k every day for the next four days until the deadline given to Optus ends.
“Ransom not payed [sic], but we don’t care any more. Was mistake to scrape publish data in first place,” the hackers said on Tuesday.
The breach has caused turmoil in Australia as the dataset supposedly included sensitive information on almost a quarter of the country’s population. Some forum users said they could identify the home addresses of people whose data was in the leaked 10k records.
According to Reuters, the Australian federal government has blamed Optus for the breach and vouched to introduce reforms on cybersecurity. Meanwhile, Optus holds that the company did everything to protect the data and should not be blamed for being robbed.
Local authorities said they were working with the Federal Bureau of Investigation (FBI) to get to the bottom of the attack.
It’s unclear why the hackers suddenly dropped the ransom demand and supposedly deleted the stolen data.
Optus is a major player in the Australian telecommunications market. If the number of affected clients is confirmed, that would mean threat actors stole data of almost all of its customers since the company has around 10 million customers.
More from Cybernews:
Subscribe to our newsletter