Optus Company Cyber Security Posture

optus.com.au

As one of the largest telecommunications companies in Australia, Optus provides mobile, telephony, internet, satellite, entertainment and business network services to more than 10 million customers each day. Our mobile network reaches 98.5 per cent of the Australian population and we are committed to constantly delivering new technologies that will connect more Australians to their friends, families and businesses. We offer a range of pre- and post-paid mobile plans allowing customers to choose a plan that best suits their data and price needs for themselves and their families. Optus is more than just a telco, providing exclusive premium entertainment and sport content across a range of platforms. Whether you're at home or on-the-go, you can catch up on the latest TV shows and movies, get closer to the games and players you love with Optus Sport or be the first with tunes on your favourite streaming service and score backstage access to artists with Optus Music. As we move into the next generation, Optus will continue to invest in our people, our communities, our networks and a sustainable future to help create a better and more connected future for Australians.

Optus Company Details

Linkedin ID: optus

Employees number: 10667 employees

Number of followers: 162707

NAICS: 517

Industry Type: Telecommunications

Homepage: optus.com.au

IP Addresses: Scan still pending

Company ID: OPT_5082403

Scan Status: In-progress

Optus Risk Score (AI oriented)

Between 900 and 1000

This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.


Optus Company Scoring based on AI Models

Model Name: AVERAGE-Industry

Date: 03-12-2025

Description: This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers.

Current Score Difference: N/A

Score: Between 900 and 1000

Optus Company Cyber Security News & History

Past Incidents: 6

Attack Types: 3

Entity: Singtel | Type: Breach | Severity: 80 | Impact: 4 | Seen: 02/2021 | Url ID: SIN18512322
Rankiteo Explanation :
Attack with significant impact with customers data leaks

Description: The personal identification information of about 129,000 customers of Singtel was breached in a cyber attack on data transfer software, Accellion's FTA that it uses. The stolen data includes name, date of birth, phone number, and address of the customers along with bank account information of some former employees.

Entity: Optus | Type: Breach | Severity: 85 | Impact: 4 | Seen: 11/2022 | Url ID: OPT2318111122
Rankiteo Explanation :
Attack with significant impact with customers data leaks

Description: Dennis Su, 19, texted 93 of the telco's customers, demanding they transfer $2000 to a CBA bank account. He threatened them for exposing personal information being used for financial crimes. He was having a difficult time being unemployed and wanted to make some quick money.

Entity: Optus | Type: Breach | Severity: 85 | Impact: 4 | Seen: 7/2025 | Url ID: OPT748072825
Rankiteo Explanation :
Attack with significant impact with customers data leaks

Description: The Optus breach in 2022 involved attackers stealing millions of customer records through an unauthenticated API endpoint. This incident cost the telecom company $140 million AUD in fallout. The vulnerability was easy to exploit and similar issues are still being found in major organizations.

Entity: Optus | Type: Breach | Severity: 100 | Impact: 5 | Seen: 8/2025 | Url ID: OPT448080825
Rankiteo Explanation :
Attack threatening the organization's existence

Description: The Australian Information Commissioner (AIC) has launched civil action against Optus for a 2022 data breach that exposed the personal details of 9.5 million Australians. The breach involved sensitive personally identifiable information, including names, dates of birth, home addresses, phone numbers, email addresses, and government-related identifiers such as passport numbers, driver's licence numbers, and Medicare card numbers. The attackers exploited a misconfigured API to access the dataset without authentication and issued a ransom demand. Although Optus prevented the theft of payment details and account passwords, a portion of the stolen data was leaked online. The AIC alleges Optus failed to take reasonable steps to protect the data, potentially facing significant financial penalties.

Entity: Optus | Type: Cyber Attack | Severity: 100 | Impact: 6 | Seen: 09/2022 | Url ID: OPT2353111122
Rankiteo Explanation :
Attack threatening the economy of a geographical region

Description: Hackers have breached Optus' systems. They accessed names, dates of birth, phone numbers, email addresses, physical addresses and driver's licence numbers of millions of the telecommunications giant's customers. Up to 9 million customers had been affected. Many had their contact details exposed to the hackers, who also pilfered even more sensitive details, such as passport and drivers' licence numbers, for a smaller portion of Optus customers.

Entity: Optus | Type: Ransomware | Severity: 100 | Impact: 6 | Seen: 09/2022 | Url ID: OPT222127922
Rankiteo Explanation :
Attack threatening the economy of a geographical region

Description: Optus, a telecommunications company, suffered a data breach that exposed the private information of 10,000 account holders. The hackers, OptusData, demanded a ransom payment of about AUD$1.5 million in Monero cryptocurrency and said 10,000 records would be released daily until the cash is paid. According to the ransom note, more than 3.8 million "identity document numbers", 3.2 million driver's license numbers and four million user data records were exposed in the breach.


Access Data Using Our API


Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=optus' -H 'apikey: YOUR_API_KEY_HERE'

Optus Cyber Security News

2025-08-08T01:36:19.000Z
Regulatory Risk in the Telecom Sector: Lessons from Optus' 2022 Data Breach and Its Impact on Investor Strategy

Optus' 2022 data breach exposing 10M Australians' personal info triggered telecom sector regulatory reforms and investor scrutiny over ...

2025-08-08T01:19:00.000Z
Australia's privacy regulator sues Optus over 2022 data breach

An Australian regulator has sued Optus, alleging the Singapore Telecommunications-owned carrier breached privacy laws during a 2022 cyber ...

2025-08-08T00:57:00.000Z
Optus sued over massive data breach

Optus is being sued over the 2022 data breach that exposed the personal data of 9.5 million people.

2025-08-08T01:00:03.000Z
The Optus Data Breach and the New Era of Cybersecurity Accountability in Telecom

- Optus 2022 data breach exposed 10M Australians' data, triggering regulatory reforms and legal actions. - Telecoms now face stricter ...

2025-08-08T02:01:00.000Z
OAIC sues Optus for alleged failings in lead up to 2022 data breach

The context: On 22 September 2022, Optus announced it had been hit by a data breach that is estimated to have affected nearly 10 million people.

2025-08-08T01:14:32.000Z
Optus sued over massive data breach

Optus is being sued for allegedly failing to protect the data of 9.5 million people. The Australian Information Commissioner announced on Friday ...

2025-08-08T01:40:00.000Z
Optus to answer privacy court case stemming from 2022 data breach

Fresh action filed against telco. Optus is set to face a privacy lawsuit stemming from its 2022 data breach, with Federal Court proceedings ...

2025-04-13T07:00:00.000Z
Legal professional privilege in cybersecurity incident reports – mere 'incantations' are not sufficient

The legal purpose must be the dominant purpose for which a document or report comes into existence or a communication is made in order for legal ...

2022-09-27T07:00:00.000Z
Australia's telecom giant Optus avoids ransom demand as attacker reverses course

The attack on Optus was an "unprecedented theft of consumer information in Australian history," Clare O'Neil, minister for home affairs and ...


Optus Similar Companies

Rogers Communications

Rogers is Canada's communications and entertainment company, driven to connect and entertain Canadians. For more information, please visit rogers.com or investors.rogers.com. Determined to connect and entertain Canadians, Rogers is the Canadian reference in commu

Founded in 1975, Telemont Engenharia de Telecomunicações S/A is a leader in providing deployment, maintenance and operation services for telecommunications networks. The company operates 7.7 million voice accesses, 3 million ADSL and data accesses and 63 thousand km of optical fibre. At

Tata Communications

Tata Communications is a digital ecosystem enabler that powers today's fast-growing digital economy. We enable the digital transformation of enterprises globally, including 300 of the Fortune 500. We carry around 30% of the world's internet routes and connect businesses to 60% of the world's cloud

Telecom Egypt

Since its establishment in 1854, Telecom Egypt has played a pivotal role in driving growth within the local ICT market capitalizing on its vast infrastructure, which is one of the largest in the region. Its vast domestic and international infrastructure has helped it serve various customer groups in

Globe Telecom

Globe is a leading full-service telecommunications company in the Philippines and publicly listed in the PSE with the stock symbol GLO. The company serves the telecommunications and technology needs of consumers and businesses across an entire suite of products and services including mobile, fixed,

ZTE Corporation

ZTE Corporation is a global leading provider of integrated information and communication technology solutions. Founded in 1985 and listed on both the Hong Kong and Shenzhen Stock Exchanges, the company has been committed to providing innovative technologies and integrated solutions for global operat


Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

Optus CyberSecurity History Information

How many cyber incidents has Optus faced?

Total Incidents: According to Rankiteo, Optus has faced 6 incidents in the past.

What types of cybersecurity incidents have occurred at Optus?

Incident Types: The types of cybersecurity incidents that have occurred are Ransomware, Cyber Attack and Breach.

What was the total financial impact of these incidents on Optus?

Total Financial Loss: The total financial loss from these incidents is estimated to be $140 million.

How does Optus detect and respond to cybersecurity incidents?

Detection and Response: The company detects and responds to cybersecurity incidents through an activated incident response plan and a communication strategy of public apology and statement.

Incident Details

Can you provide details on each incident?

Incident : Data Breach

Title: Optus Data Breach

Description: The Australian Information Commissioner (AIC) has launched civil action against Optus for a 2022 data breach that exposed the personal details of 9.5 million Australians. The lawsuit alleges that Optus failed to take reasonable steps to protect victims' personal information from unauthorized access and disclosure, in breach of Australia's Privacy Act 1988.

Date Detected: 2022-09

Date Publicly Disclosed: 2022-09

Type: Data Breach

Attack Vector: Misconfigured API

Vulnerability Exploited: Misconfigured API

Motivation: Financial gain (ransom demand)

Incident : Data Breach

Title: APIs: Still Easy Targets in 2025

Description: APIs are the backbone of modern applications and one of the most exposed parts of an organization's infrastructure, making them a prime target for attackers. One of the highest-profile examples was the Optus breach in 2022, where attackers stole millions of customer records through an unauthenticated API endpoint, costing the telecom company $140 million AUD in fallout.

Type: Data Breach

Attack Vector: Unauthenticated API Endpoint

Vulnerability Exploited: Broken Authorization

Incident : Data Breach

Title: Data Breach at Optus

Description: Hackers have breached Optus' systems, accessing personal information of millions of customers.

Type: Data Breach

Threat Actor: Hackers

Incident : Extortion

Title: Extortion Attempt by Unemployed Individual

Description: Dennis Su, 19, texted 93 of the telco's customers, demanding they transfer $2000 to a CBA bank account. He threatened them for exposing personal information being used for financial crimes. He was having a difficult time being unemployed and wanted to make some quick money.

Type: Extortion

Attack Vector: SMS

Threat Actor: Dennis Su

Motivation: Financial Gain

Incident : Data Breach, Ransomware

Title: Optus Data Breach

Description: Optus, a telecommunications company, suffered a data breach that exposed the private information of 10,000 account holders. The hackers, OptusData, demanded a ransom payment of about AUD$1.5 million in Monero cryptocurrency and said 10,000 records would be released daily until the cash is paid. According to the ransom note, more than 3.8 million "identity document numbers", 3.2 million driver's license numbers and four million user data records were exposed in the breach.

Type: Data Breach, Ransomware

Threat Actor: OptusData

Motivation: Financial

Incident : Data Breach

Title: Singtel Data Breach

Description: The personal identification information of about 129,000 customers of Singtel was breached in a cyber attack on data transfer software, Accellion's FTA that it uses. The stolen data includes name, date of birth, phone number, and address of the customers along with bank account information of some former employees.

Type: Data Breach

Attack Vector: Vulnerability in third-party software (Accellion's FTA)

Vulnerability Exploited: Accellion's FTA

What are the most common types of attacks the company has faced?

Common Attack Types: The most common type of attack the company has faced is Breach.

How does the company identify the attack vectors used in incidents?

Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Misconfigured API and Unauthenticated API Endpoint.

Impact of the Incidents

What was the impact of each incident?

Incident : Data Breach OPT448080825

Data Compromised: Personal details of 9.5 million Australians

Brand Reputation Impact: Significant

Legal Liabilities: Potential civil penalty order

Identity Theft Risk: High

Payment Information Risk: None (payment details and account passwords were not stolen)

Incident : Data Breach OPT748072825

Financial Loss: 140 million AUD

Data Compromised: Millions of customer records

Incident : Data Breach OPT2353111122

Data Compromised: names, dates of birth, phone numbers, email addresses, physical addresses, driver's licence numbers, passport numbers

Incident : Data Breach, Ransomware OPT222127922

Data Compromised: Identity document numbers, Driver's license numbers, User data records

Incident : Data Breach SIN18512322

Data Compromised: Name, Date of Birth, Phone Number, Address, Bank Account Information

Systems Affected: Accellion's FTA

What is the average financial loss per incident?

Average Financial Loss: The average financial loss per incident is $23.33 million.

What types of data are most commonly compromised in incidents?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personally identifiable information, Customer records, names, dates of birth, phone numbers, email addresses, physical addresses, driver's licence numbers, passport numbers, Identity document numbers, Driver's license numbers, User data records, Personal Identification Information and Bank Account Information.

Which entities were affected by each incident?

Incident : Data Breach OPT448080825

Entity Type: Telecommunications

Industry: Telecommunications

Location: Australia

Size: Large

Customers Affected: 9.5 million

Incident : Data Breach OPT748072825

Entity Type: Telecom Company

Industry: Telecommunications

Customers Affected: Millions

Incident : Data Breach OPT2353111122

Entity Type: Telecommunications Company

Industry: Telecommunications

Customers Affected: Up to 9 million

Incident : Extortion OPT2318111122

Entity Type: Telco

Industry: Telecommunications

Customers Affected: 93

Incident : Data Breach, Ransomware OPT222127922

Entity Type: Telecommunications Company

Industry: Telecommunications

Customers Affected: 10000

Incident : Data Breach SIN18512322

Entity Type: Telecommunications Company

Industry: Telecommunications

Customers Affected: 129,000

Response to the Incidents

What measures were taken in response to each incident?

Incident : Data Breach OPT448080825

Incident Response Plan Activated: True

Communication Strategy: Public apology and statement

Data Breach Information

What type of data was compromised in each breach?

Incident : Data Breach OPT448080825

Type of Data Compromised: Personally identifiable information

Number of Records Exposed: 9.5 million

Sensitivity of Data: High

Data Exfiltration: True

Personally Identifiable Information: Names, dates of birth, home addresses, phone numbers, email addresses, government-related identifiers (passport numbers, driver's licence numbers, Medicare card numbers, birth certificate information, marriage certificate information, armed forces, defence force and police identification information)

Incident : Data Breach OPT748072825

Type of Data Compromised: Customer records

Number of Records Exposed: Millions

Incident : Data Breach OPT2353111122

Type of Data Compromised: names, dates of birth, phone numbers, email addresses, physical addresses, driver's licence numbers, passport numbers

Number of Records Exposed: Up to 9 million

Personally Identifiable Information: True

Incident : Data Breach, Ransomware OPT222127922

Type of Data Compromised: Identity document numbers, Driver's license numbers, User data records

Number of Records Exposed: 11000000

Incident : Data Breach SIN18512322

Type of Data Compromised: Personal Identification Information, Bank Account Information

Number of Records Exposed: 129,000

Personally Identifiable Information: Name, Date of Birth, Phone Number, Address

Ransomware Information

Was ransomware involved in any of the incidents?

Incident : Data Breach OPT448080825

Ransom Demanded: True

Data Exfiltration: True

Incident : Extortion OPT2318111122

Ransom Demanded: $2000

Incident : Data Breach, Ransomware OPT222127922

Ransom Demanded: AUD$1.5 million

Regulatory Compliance

Were there any regulatory violations and fines imposed for each incident?

Incident : Data Breach OPT448080825

Regulations Violated: Australia's Privacy Act 1988

Legal Actions: Civil penalty order sought by AIC

How does the company ensure compliance with regulatory requirements?

Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Civil penalty order sought by AIC.

Lessons Learned and Recommendations

What lessons were learned from each incident?

Incident : Data Breach OPT448080825

Lessons Learned: Organizations holding personal information need to ensure they have strong data governance and security practices to guard against vulnerabilities that threat actors will be ready to exploit.

What are the key lessons learned from past incidents?

Key Lessons Learned: The key lessons learned from past incidents are Organizations holding personal information need to ensure they have strong data governance and security practices to guard against vulnerabilities that threat actors will be ready to exploit.

References

Where can I find more information about each incident?

Incident : Data Breach OPT448080825

Source: Australian Information Commissioner

Date Accessed: 2024-08-08

Incident : Data Breach OPT748072825

Source: Intruder

Where can stakeholders find additional resources on cybersecurity best practices?

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at Australian Information Commissioner (Date Accessed: 2024-08-08) and Intruder.

Investigation Status

What is the current status of the investigation for each incident?

Incident : Data Breach OPT448080825

Investigation Status: Ongoing

How does the company communicate the status of incident investigations to stakeholders?

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through a public apology and statement.

Stakeholder and Customer Advisories

Were there any advisories issued to stakeholders or customers for each incident?

Incident : Data Breach OPT448080825

Customer Advisories: Public apology and statement

What advisories does the company provide to stakeholders and customers following an incident?

Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: Public apology and statement.

Initial Access Broker

How did the initial access broker gain entry for each incident?

Incident : Data Breach OPT448080825

Entry Point: Misconfigured API

Incident : Data Breach OPT748072825

Entry Point: Unauthenticated API Endpoint

Post-Incident Analysis

What were the root causes and corrective actions taken for each incident?

Incident : Data Breach OPT448080825

Root Causes: Misconfigured API and inadequate security practices

Corrective Actions: Investing in the security of customers' information, systems, and cyber defence capabilities

Incident : Data Breach OPT748072825

Root Causes: Broken Authorization

What corrective actions has the company taken based on post-incident analysis?

Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Investing in the security of customers' information, systems, and cyber defence capabilities.

Additional Questions

General Information

What was the amount of the last ransom demanded?

Last Ransom Demanded: The amount of the last ransom demanded was True.

Who was the attacking group in the last incident?

Last Attacking Group: The attacking groups in the last incident were Hackers, Dennis Su and OptusData.

Incident Details

What was the most recent incident detected?

Most Recent Incident Detected: The most recent incident detected was on 2022-09.

What was the most recent incident publicly disclosed?

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2022-09.

Impact of the Incidents

What was the highest financial loss from an incident?

Highest Financial Loss: The highest financial loss from an incident was 140 million AUD.

What was the most significant data compromised in an incident?

Most Significant Data Compromised: The most significant data compromised in an incident were Personal details of 9.5 million Australians, Millions of customer records, names, dates of birth, phone numbers, email addresses, physical addresses, driver's licence numbers, passport numbers, Identity document numbers, Driver's license numbers, User data records, Name, Date of Birth, Phone Number, Address and Bank Account Information.

What was the most significant system affected in an incident?

Most Significant System Affected: The most significant system affected in an incident was Accellion's FTA.

Data Breach Information

What was the most sensitive data compromised in a breach?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Personal details of 9.5 million Australians, Millions of customer records, names, dates of birth, phone numbers, email addresses, physical addresses, driver's licence numbers, passport numbers, Identity document numbers, Driver's license numbers, User data records, Name, Date of Birth, Phone Number, Address and Bank Account Information.

What was the number of records exposed in the most significant breach?

Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 18.6M.

Ransomware Information

What was the highest ransom demanded in a ransomware incident?

Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was $2000.

Regulatory Compliance

What was the most significant legal action taken for a regulatory violation?

Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Civil penalty order sought by AIC.

Lessons Learned and Recommendations

What was the most significant lesson learned from past incidents?

Most Significant Lesson Learned: The most significant lesson learned from past incidents was Organizations holding personal information need to ensure they have strong data governance and security practices to guard against vulnerabilities that threat actors will be ready to exploit.

References

What is the most recent source of information about an incident?

Most Recent Source: The most recent sources of information about an incident are Australian Information Commissioner and Intruder.

Investigation Status

What is the current status of the most recent investigation?

Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.

Stakeholder and Customer Advisories

What was the most recent customer advisory issued?

Most Recent Customer Advisory: The most recent customer advisory issued was a public apology and statement.

Initial Access Broker

What was the most recent entry point used by an initial access broker?

Most Recent Entry Point: The most recent entry points used by an initial access broker were Unauthenticated API Endpoint and Misconfigured API.

Post-Incident Analysis

What was the most significant root cause identified in post-incident analysis?

Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Misconfigured API and inadequate security practices, Broken Authorization.

What was the most significant corrective action taken based on post-incident analysis?

Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Investing in the security of customers' information, systems, and cyber defence capabilities.

What Do We Measure?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.