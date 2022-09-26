A mysterious figure claiming to be the hacker who stole the personal data of up to 10 million Australians from Optus has warned the telco it has just five days to comply with their demands.

The alleged hacker posted again on an anonymous chat forum on Monday, reiterating their earlier $1 million dollar demand, noting that it’s a “small price” for such a massive breach.

‘We are businessmen’, reads the new message in broken English.

‘1,000,000$US is a lot of money and will also (sic) keep our word. If you care about the customer, you pay! Revenue $9 billion, $1 million is a small price to pay.

“If 1,000,000SUS pays, the data will be deleted from the drive. There is only 1 copy. Completely gone!’

At the bottom in red, Optus is reminded of the ultimatum: ‘5 more day to decision Optus’.

The message says that Optus can only contact the poster through the chat forum.

In an earlier post, the hacker warned that millions of personal addresses, dates of birth, phone numbers and driver’s licenses will be leaked if Optus does not pay $US1 million in cryptocurrency Monero.

Earlier on Monday, Optus received a firm backhand from the federal minister overseeing the telco giant, along with the threat of “hundreds of millions of dollars” in fines over the massive security breach.

Albanian cybersecurity minister Claire O’Neal didn’t miss it when she targeted Optus last week for the massive security breach, which she said the government was warned about on Wednesday.

“Responsibility for this security breach rests with Optus and I note that the breach is of a nature that we would not expect from a major telecommunications provider in this country,” she said.

In a blunt response to a question about what the government was going to do about the breach, Ms. O’Neil made a not-so-veiled threat.

“I also note that in other jurisdictions, a data breach of this magnitude would result in fines of hundreds of millions of dollars,” she said, indicating that “substantial reforms” would be needed because of the breach.

Ms. O’Neil left no doubt where her sympathies lay when she asked Optus to provide free credit monitoring to those affected.

“Put yourself in the shoes of an Optus customer… you could be a retiree whose information has been stolen,” she said.

“This is a time of intense fear and I say to Optus, ‘You can do something about this problem today’ and I ask you to do it.”

Ms O’Neil called on Optus to commit to free credit monitoring today.

“We expect Optus to continue to do everything they can to support their customers and former customers,” she told parliament.

One of the questions Ms O’Neil said “arising from a breach of this scale and magnitude” is whether the cybersecurity requirements placed on telecom companies are fit for purpose.

She said it was an issue she and others will address in the coming days.

Following the breach, Ms O’Neil said the government had offered “significant support” to Optus, specifically from the Australian Signals Directorate, the Australian Cyber-Security Center and the Australian Federal Police.

Ms O’Neil thanked the ‘many hundreds of officials who worked through the night and through the weekend over the past holidays’

She said the government, along with financial watchdogs ACCC and APRA, are in talks with the banking industry to see what additional steps can be taken to protect customers.

Additional protections have also been added to government platforms such as the MyGov website

Hackers claim to have access to the data of 11.2 million Optus customers in a major breach that tech experts say is legitimate at this stage.

The ransom demand appeared on an online forum Saturday morning, with the hackers warning the telco it had a week to respond.

‘Optus if you read! price for us not to sell data is 1,000,000$US We give you 1 week to decide,” read part of the message.

The warning comes as Optus customers take to social media to express their frustration, with chief executive and educator Dannielle Miller being just one of millions of people saying the company’s response was “inadequate.”

Ms Miller told Daily Mail Australia that she has been an Optus customer for 30 years and expected more from the telco after decades of loyalty.

She said Optus boss Kelly Bayer Rosmarin’s apology “missed the mark.”

“The CEO called Optus a victim of cyber hacking. It’s not those whose personal information has been hacked – the customers are the victims,” ​​she said.

“It’s hard to hear them cry the victim when it’s obvious they’ve been very lax.”

Ms Miller said she plans to close the Optus accounts of herself, her daughter and her employees and plans to advise them to switch providers.

She said customers who may be forced to change details such as their license number should be compensated by Optus for out-of-pocket expenses.

“Personally, I’m not looking for compensation, what’s important to me is peace of mind and security for my data,” she said, adding that customers should be prioritized.

On Friday morning, Ms Bayer Rosmarin offered an emotional apology to the millions of Optus customers whose data had been compromised.

She confirmed that payment details and account passwords were protected, but admitted that she was “terrible” that the breach had taken place under her supervision.

“I think it’s a mix of a lot of different emotions,” she said downcast.

“Of course I’m angry that there are people who want to do this to our customers, I’m disappointed that we couldn’t have prevented it.

‘I am very sorry and apologise. It shouldn’t have happened.’