Australian Police Arrests Teen Who Blackmailed Optus Subscribers

The Australian Federal Police (AFP) has reported that a 19-year-old teenager has been arrested in Sydney for blackmailing subscribers of Australia’s second largest telecommunications company, Optus, which was hacked in late September.

Let me remind you that the attacker who hacked Optus claimed that he managed to steal the data of 11 million subscribers of the company, including names, dates of birth, phone numbers, email addresses, physical addresses, information about driver’s licenses and passport numbers.

Let me also remind you that we wrote that India arrests Russian hacker who offered applicants help in passing the JEE-Main exam.

Later, the company confirmed that the data of 9.8 million customers were indeed compromised, and for 2.1 million even identity cards leaked.

As proof of his words, the attacker posted a sample of the stolen data (information of 10,000 users) on the Breached hack forum and demanded that the company pay a ransom of $ 1,000,000, and otherwise threatened to reveal all the stolen data at all.

Although in the end the hacker felt that he had drawn too much attention to himself and “changed his mind”, already in late September, information security experts warned that the victims of this leak began to receive messages from scammers who demanded 2000 Australian dollars (about 1300 US dollars) within two days, or promised to resell the data to other hackers.

One of these blackmailers has now been arrested by the Australian police. The teenager used the published data of 10,000 subscribers to contact the victims via SMS and threaten that their data would be resold to other criminals if they did not pay 2,000 Australian dollars.

At the same time, the fraudster used an account with the Commonwealth Bank of Australia to receive ransoms, and the police easily obtained information from the bank about its owner.

According to the investigation, the arrested young man managed to send out messages to 93 individuals whose personal details were published on the Breached forum. However, none of the victims ever paid the ransom.