, so we don’t yet know for sure what happened, but it’s been widely reported that the company left open an API that revealed customer data to anyone who visited the API.
If it was a hack rather than an open API, wouldn’t Optus have rapidly disclosed what happened, so the rest of the world could deal with whatever flaw was exploited in the hack?are correct, the company didn’t even do standard ‘Happy Path’ testing on the system in question, much less penetration testing, leaving 9.8 million Australians to walk a very unhappy path for many years to come. Here’s what you need to know.Software developers call it the “Happy Path”.
If the API page returns data, the software has usually* failed the test, and I need to keep working on my API.
Exactly. Optus put out an 𝗢𝗽𝗲𝗻 𝗶𝗻𝘃𝗶𝘁𝗮𝘁𝗶𝗼𝗻. 𝗡𝗼 𝗮𝘂𝘁𝗵𝗲𝗻𝘁𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗿𝗲𝗾𝘂𝗶𝗿𝗲𝗱. 𝗘𝘃𝗲𝗿𝘆𝗼𝗻𝗲’𝘀 𝗶𝗻𝘃𝗶𝘁𝗲𝗱. 𝗖’𝗺𝗼𝗻 𝗼𝗻𝗲 & 𝗮𝗹𝗹 OptusDataBreach
No it's ticking time bomb BOHICA
Optus ceo has to go
We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:
Australia Latest News, Australia Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Optus hack is the new normThe massive data breach could have happened to any Australian business. Every organisation and citizen has a responsibility to address their own cyber security. BoycottOptus I recieve many calls from people whom did not make the call. OptusHack refuse to allow you to disconnect your number, they switch the number to prepaid, so wrong! boycott 💩 service all round Optus mmm... so how about not retaining all the details once an account has been set up...🤔 then there wouldn't be any data would there 🙄 No. No it couldn’t. Other businesses will be following best practice. And not leaving an unauthenticated api gateway open. That’s clown world. And I’ll bet someone did it as it was too hard to work with security to do it right. So they did it wrong.
Source: FinancialReview - 🏆 2. / 90 Read more »
Cyber rules on the way to fight Optus hack fraudstersThe new rules come as Optus chief Kelly Bayer Rosmarin prepares to meet with the telco’s owner, Singtel, to discuss last week’s breach, which compromised millions of users. So she can meet with her Singaporean bosses but not email her own customers. I don't know if you can still call it Optus hack if if it was an unauthentication API. Send a request containing mobile number and get a response containing account info... If these reports are correct it's more a case of leaving the door wide open & getting your stuff stolen 😆 Cutting corners in IT again.
Source: FinancialReview - 🏆 2. / 90 Read more »
Cyber rules on the way to fight Optus hack fraudstersThe new rules come as Optus chief Kelly Bayer Rosmarin prepares to meet with the telco’s owner, Singtel, to discuss last week’s breach, which compromised millions of users. To resign as her position is untenable. The size and amount of compromised customer information is unprecedented. Optus SkyNewsAust newscomauHQ abcnews smh theage theheraldsun dailytelegraph canberratimes They put 9 million Australians at GREAT RISK. Every one of them should resign to squalor AT THE LEAST.
Source: FinancialReview - 🏆 2. / 90 Read more »
Home affairs minister points finger at Optus, saying hack should not have happenedThe home affairs minister says blame lies with Optus for a security breach affecting millions of Australians, as she calls on the telco giant to offer free fraud-monitoring services. ...well, no? It shouldn't have? But it did so...now what Optus is owned by the Singapore government company, Singtel. That in itself is a huge worry. Did the Huawei equipment have anything to do with the hack?
Source: abcnews - 🏆 5. / 83 Read more »
Optus investigating $US1 million ransom threat for allegedly stolen dataThe hackers claim to have personal information on millions of Australians, although the authenticity of their assertion has not been established.
Source: brisbanetimes - 🏆 13. / 67 Read more »
Federal police monitoring reports of stolen Optus data being sold on the dark webThe Australian Federal Police says it is monitoring reports that stolen Optus customer data and credentials are allegedly being sold through a number of forums, including the dark web. Of course they are. We are sitting ducks waiting to be hacked or have our identities stolen. So, will Optus be shut down permanently for endangering the lives of half the Australian population? Will police violently take Optus executives into custody? Why are corporations exempt from Rule of Law; and free to live forever at our expense? No 💩, they didn’t steal the data to make Optus look bad.
Source: SBSNews - 🏆 3. / 89 Read more »