Jeremy Kirk has done a terrific job of investigating and reporting on what we know so far about the Optus data leak and extortion attempt. He reports:
Early Saturday, a person going by the nickname “Optusdata” published two samples of the purported stolen data on a well-known data leak forum. The attacker writes that Optus can prevent the sale of the data to other cybercriminals if it pays $1 million in the monero cryptocurrency.
[…]
The two released data samples contain around 100 records and include data fields such as name, email address, physical address, passport number, driver’s license number, birth date, whether a person owns their home or not and more. The data covers current and former Optus customers.
Read more about how the seller claims to have obtained the data and Kirk’s attempts to verify its legitimacy at BankInfoSecurity.