Australian Federal Police said the man obtained the customer records publicised by the hackers on an online forum following the data breach.
After, he texted 93 people and threatened to use their data for other crimes if they did not hand over $2,000 (US$1,290).
Alleged Blackmailer to Face Trial
The Rockdale man is charged with two offences: using a telecommunication network to commit blackmail and dealing with identification information illegally.
Police said the man started his scam in the week commencing Sept. 26 and alleged that he would have continued to work his way through the list if not arrested.
None of the people contacted by the alleged blackmailer transferred the money demanded.
“We understand how worried some members of the community are,” AFP Assistant Commissioner Justine Gough said.
“I want to give the community reassurance the AFP and our partners are working around the clock to help protect your personal information.”
The alleged blackmailer will face Sydney Central Local Court at a later date. He could be sentenced to a maximum of 10 years in prison if found guilty.
“The warning is clear–do not test the capability or dedication of law enforcement,” Gough said.
“Just because there has been one arrest does not mean there won’t be more.”
New Amendments to Telecommunications Regulations
Meanwhile, the Australian government is prepared to introduce new amendments to the Telecommunications Regulations 2021, which are said to provide Australians with better protections against fraud in the wake of the Optus data breach.
Under the amendments, telcos can temporarily share critical information such as driver’s licence, Medicare and passport numbers with financial service firms.
This would allow companies to strengthen their monitoring and safeguards for customers in case their personal data is compromised.
In addition, telcos will also be able to share information with the federal government and state and territory agencies to prevent fraud after a data breach occurs.
“What this is all about is to try and reduce the impact of this data breach on Optus customers and to enable financial institutions to implement enhanced safeguards and monitoring,” Communications Minister Michelle Rowland told reporters.
“We take people’s personal information and the protection of that very seriously.”
Rowland also said Optus had asked for greater data access to enhance their fraud monitoring.
“We examined this, did proper due diligence, and we need to be clear. These regulations are specifically in response to these cyber threats, and we know this is on a scale and scope that hasn’t happened in Australia before,” she said.
“We considered it prudent having taken and considered the proper legal advice that the most effective way to enable this data to be shared beyond doubt was through amending these regulations.”
Meanwhile, Treasurer Jim Chalmers said the amendments were created with industry consultation and would allow data to be shared more safely and securely.
“They’ve been carefully designed with strong privacy and security safeguards to ensure only limited information can be made available temporarily to prevent and respond to cyber security incidents, fraud, scams and related activities,” he told reporters.