Australia telecoms giant Optus said current and former customer data was accessed following a cyberattack on its systems.
Optus said in a press release on Thursday that an unspecified number of customer names, dates of birth, phone numbers, email addresses, and addresses and identity document numbers, such as driver’s license or passport numbers, were taken in the breach.
The telco did not say when the breach took place, but that it believes the incident is over.
Optus is a subsidiary of Singapore-owned Singtel and is Australia’s second largest telecoms company, with about 10 million customers.
The Australian Signals Directorate, the country’s equivalent of the U.S. National Security Agency, was notified about the incident.
Telecom, phone and cell giants are a frequent target for their role in any country’s critical infrastructure. Nation-state-backed hackers are known to break into telcos seeking phone records for spying on critics and conducting espionage, while criminal hackers, like SIM-swappers, often rely on breached data and insider access to carry out social engineering attacks that convince customer support or employees to hand over access to their systems.
Optus is the latest major telco hit by hackers in recent years. In 2015, Australian telco Telstra said its undersea cable company Pacnet’s internal network had been compromised for weeks, with hackers accessing its email and other internal business systems.
In the United States, T-Mobile disclosed its seventh network breach earlier this year, after hackers with the Lapsus$ cybercrime group stole the telco’s source code. Last year, the second largest cell carrier in the U.S. said at least 47 million customers had personal information stolen by hackers.