Authorities in Australia arrested a 19-year-old who allegedly tried to blackmail customers of telecommunications company Optus following a data breach last month that impacted thousands of people.
The teenage hacker allegedly sent out text messages to 93 Optus customers to demand that $2,000 be deposited in a bank account, and threatened to sell and use their information for fraudulent activity if they don’t comply, The Guardian reported. Australian police identified the account at the Commonwealth Bank of Australia, and made the arrest before any of the victims were forced to pay the ransom.
The suspect had targeted a group of individuals whose personal information had been published on a public forum following a data leak. In late September, 10,000 Optus customers had their data hacked and published on an online forum. The data included people’s home addresses, driver’s licenses, and passport information. The hacker group behind the data breach threatened to release the information of more customers unless a $1 million ransom was paid. The post was later taken down, and the user said that they would not sell the information, according to The Guardian.
Thursday’s arrest marks the first arrest related to the Optus data breach. The young suspect could face up to 10 years in prison if convicted on charges of using a telecommunications network with the intent to commit a serious offense (blackmail) and dealing with identification information. The hackers behind the initial data breach have not yet been identified and police say they are still investigating the incident.
The Optus data breach has prompted Australia to propose a change to consumer privacy rules that would better regulate the exchange of data between telecommunication firms and banks, Reuters reported.