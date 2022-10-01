Federal and state authorities have set up a new operation aimed at protecting the identities of some 10,000 Optus customers whose details were published to an online forum following a massive data breach.

Operation Guardian, launched Friday, covers “the Australian Federal Police, all state and territory Police, the Australian Cyber Security Centre (ACSC), the Australian Banking Association (ABA), IDCARE and the Customer Owned Banking Association”.

The formation of ‘Operation Guardian’ appears to confirm the veracity of customer records that were published online by the alleged attacker as part of an extortion attempt.

A forum user threatened to drip-feed stolen details online while a ransom was unpaid.

One file was published, only to be removed, along with the threats to publish more - shortly after, though not before being accessed and analysed by users of other internet forums, which iTnews has chosen not to name or link to.

Analysis of the file showed the extent of data fields that had been breached.

There has been much speculation since then, inside and outside of cyber security circles, as to what led the forum user to suddenly change their mind.

Operation Guardian appears to confirm what other internet users suspected though - that the leaked file of 10,000 records is genuine.

“The AFP and state and territory police have set up Operation Guardian to supercharge the protection of more than 10,000 customers whose identification credentials have been unlawfully released online under the Optus data breach,” the agencies said in a statement.

“Customers affected by the breach will receive multi-jurisdictional and multi-layered protection from identity crime and financial fraud.

“The 10,000 individuals, who potentially had 100 points of identification released online, will be prioritised.”

Under Operation Guardian, agencies will work to identify all the impacted customers and “alert industry to enable further protection for those members of the public”.

They will also monitor for specific exploitation of this information, and work with the financial sector “to detect criminal activity associated with the data breach”.

AFP assistant commissioner cyber command Justine Gough said while the online forum post advertising the stolen data for sale had been removed, “other criminals may have access to some, or all, of the data.”

“Australian law enforcement are aware of current criminal activity attempting to target and exploit impacted Optus customers that have been the subject of this data breach,” Gough said.