A 19-year-old Sydney man has been charged with allegedly trying to blackmail Optus customers whose data was leaked onto the internet as proof of a data breach.
Australian Federal Police executed a search warrant at a home in Rockdale in Sydney’s south on Thursday and seized a smartphone.
Police will allege that the man texted 93 Optus customers, demanding they transfer $2000 to a CBA bank account “or face their personal information being used for financial crimes”.
The customer details were published to a forum by the alleged attacker behind the Optus data breach, before being pulled offline.
Police allege the bank account being used by the 19-year-old belonged to a juvenile.
They said that “at this stage it appears none of the individuals who received the text message transferred money to the account.”
The man is charged with using a telecommunication network with the intent to commit a serious offence, and dealing with identification information.
The charges carry maximum sentences of 10 years and seven years imprisonment, respectively.
Assistant commissioner cyber command Justine Gough said the man was not suspected of being the individual responsible for the Optus breach, “but allegedly tried to financially benefit from the stolen data that was dumped on an online forum.”
“Last week, the AFP and our state and territory partners launched Operation Guardian to protect the most vulnerable customers affected by the Optus breach and we were absolutely clear that there would be no tolerance for the criminal use of this stolen data,’’ Gough said.
Gough said the AFP, its state partners and industry “are relentlessly scouring forums and other online sites for criminal activity linked to this breach.”
“Just because there has been one arrest does not mean there won’t be more,” she said.
A separate AFP-led investigation into the data breach itself continues under the codename ‘Operation Hurricane’.
.png&h=140&w=231&c=1&s=0)
Tech in Gov 2024
