The government’s Home Affairs and Cybersecurity Minister Clare O’Neil is set to announce reforms that would allow telcos to inform banks about privacy breaches, a move currently prevented under existing privacy protections. What can we do to stop the next Optus hack? Right now, banks have reportedly stepped up monitoring for suspicious activity in response, while Optus is requiring customers to come into their stores to carry out transactions. “They are not set up to engage in what approaches population scale re-regulation,” he said.Īustralian National University’s Dr Liz Allen told Crikey there are questions about data integrity and the social licence of future data collection, such as the census. University of Canberra Associate Professor Dr Bruce Baer Arnold said it’s unlikely governments will re-issue passports, drivers licences and other identity objects. The release, or the threat of the release, undermines current systems built on existing standards of verification. What of the broader implications for Australia? Governments, businesses and organisations use personal identifying information (PII) to verify people’s identities. That leaves them exposed in the future to these risks. ![]() Unfortunately for them, many of the details in the leak are difficult or impossible to change. Plus individuals have little chance of legal recourse as Australia does not have a statutory tort of invasion of privacy. These responses place the onus on the individual to be responsible for managing their own harm. They’ve been advised to watch for phishing attempts and suspicious transactions. Optus has contacted all of those caught in the leak. The big hack: the banks know it is coming Read More > What happens when millions of Australians have their data leaked? The suspected API endpoint is offline, meaning there’s no further risk of more information being retrieved. In this case, it’s believed that the people behind the cyberattack were able to access an Optus API that did not require someone to log in to access customer data. A popular example is weather APIs most weather apps get condition information from an API belonging to an organisation like the Bureau of Meteorology, which actually physically collects the data. In layman’s terms, API is a go-between for two different pieces of software. Reporting by the ABC’s Andrew Greene and BankInfoSecurity’s Jeremy Kirk suggests that intruders used an application programming interface (API) to obtain Optus’ customer data. Even though many will pay the ransom ( 80% according to one survey of Australian businesses this year), there’s no guarantee that attackers would follow through on their promise and delete the data obtained. Ransomware attacks are increasingly common as hackers leverage cyberattacks to extract payments from businesses and organisations. It is small in compared to there revenue,” they said in a message. If Optus care about there customers they should pay money. Data will be destroyed and we can retire. They said they would delete the information if the ransom was paid: “Data will not be sold to criminal if paid. The account told Crikey that they had not yet heard from Optus. The company said it has been advised by the Australian Federal Police to not offer further comment. Optus has not confirmed that Optusdata’s database is real.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |