Last week’s cyberintrusion at Australian telco Optus, which has about 10 million customers, has drawn the ire of the country’s government over how the breached company should deal with stolen ID details.

Darkweb screenshots surfaced quickly after the attack, with an underground BreachForums user going by the plain-speaking name of optusdata offering two tranches of data, alleging that they had two databases as follows:

  11,200,000 user records with name, date of birth, mobile nmber and ID
   4,232,652 records included some sort of ID document number
   3,664,598 of the IDs were from driving licences

  10,000,000 address records with email, date of birth, ID and more
   3,817,197 had ID document numbers
   3,238,014 of the IDs were from driving licences

The seller wrote, “Optus if you are reading! Price for us to not sale [sic] data is 1,000,000$US! We give you 1 week to decide.”

Regular buyers, the seller said, could have the databases for $300,000 as a job lot, if Optus didn’t take up its $1m “exclusive access” offer within the week.

The seller said they expected payment in the form of Monero, a popular cryptocurrency that’s harder to trace than Bitcoin.

Monero transactions are mixed together as part of the payment protocol, making the Monero ecosystem into a sort-of cryptocoin tumbler or anonymiser in its own right.