Sensitive Optus data leaked through the HWL Ebsworth cyberattack

Optus, an Australian mobile-phone company, has experienced another significant cyberattack, resulting in the leakage of more sensitive data.

Russian hackers breached a law firm called HWL Ebsworth, which was conducting a privacy watchdog investigation into Optus. This breach has raised concerns for numerous government departments and agencies, including the Office of the Australian Information Commissioner (OAIC), as they scramble to determine the extent of the data breach. The compromised data includes information related to the OAIC's investigation into Optus, which began in mid-2021.

Optus acknowledged the breach and has sought clarification from the OAIC regarding the impact on their information held by HWL Ebsworth. The OAIC stated that it would review the Optus documents once they are provided by HWL Ebsworth and notify affected individuals accordingly.

HWL Ebsworth, on the other hand, refrained from commenting on the stolen Optus documents but assured that they are conducting a thorough review of the compromised data and promptly informing affected third parties and individuals. They also mentioned their ongoing engagement with relevant authorities, including the OAIC.