A Sydney man was recently arrested and sentenced to an 18-month Community Correction Order (CCO) and 100 hours of community service after attempting to blackmail people using illegally obtained data from a corporate breach.
The Australian telecommunications company, Optus, suffered a data breach last September. The unnamed man attempted to orchestrate an SMS-based extortion scheme.
“Investigators arrested the man, 20, on Oct. 6, 2022, after the AFP-led Operation Guardian linked him to text messages sent to dozens of Optus customers demanding they transfer $2,000 to a bank account he nominated, or face their personal information being used for other financial crimes,“ the AFP said in a release.
The police report also mentioned that he messaged at least 92 different people, but there’s no indication that anyone responded. He was arrested before he was able to extort anyone.
“AFP Commander Chris Goldsmid said the AFP acted quickly on the allegations to protect Australians from identity fraud and ensure the man would not financially benefit from the data breach.”
The individual pleaded guilty in November to two counts, including blackmail, of using a telecommunications network with intent to commit a serious offense.
While this person has been caught, the data breach from Optus exposed over 2.1 million customers’ information and highlights the importance of strong cybersecurity and a responsive police force that can effectively deal with cyber crimes. The Australian Federal Police (AFP) urges Optus customers to remain on the lookout for criminal activity and don’t:
- Open suspicious links
- Give someone access to your computer, even if they present themselves as a legitimate company
- Give anyone your password or financial information over the phone, even if they claim to be an Optus employee.